East Midlands Combined County Authority (EMCCA) is the first mayoral combined county authority in the country – a bold new organisation established in 2024 to drive growth and opportunity across Derbyshire, Nottinghamshire, Derby and Nottingham. By bringing decision-making closer to our region, we’re creating a better connected, more competitive and more prosperous East Midlands. We’re building our new legal and governance functions from the ground up – and this is a rare opportunity to join at a formative stage, shape policy and practice, and play a vital role in ensuring EMCCA’s work is underpinned by transparency, accountability and public trust. About the Role We’re looking for a knowledgeable and forward-thinking Head of Information Governance to lead EMCCA’s approach to data protection, information security and records management. As EMCCA’s statutory Data Protection Officer, you’ll play a key role in safeguarding the organisation’s integrity and supporting effective, lawful decision-making across the Authority. Working closely with senior leaders, including the Director of Legal, Governance and Compliance, you will: Lead EMCCA’s Information Governance and Data Protection strategies, policies, and procedures Provide expert advice on data protection, privacy, and information governance Ensure compliance with UK GDPR, FOIA, PECR and related legislation Lead investigations into data breaches and information security incidents Oversee the management of Subject Access Requests, FOI and EIR requests Act as the primary point of contact for the Information Commissioner’s Office (ICO) and internal stakeholders Support the Senior Information Risk Owner (SIRO) and leadership team in managing risk and driving continuous improvement This is an exceptional opportunity to design and lead a modern, future-ready information governance framework at the heart of a newly devolved regional authority. You’ll play a vital part in ensuring EMCCA’s work is transparent, trusted and built on strong foundations. About You You will bring: Extensive knowledge of Data Protection legislation, FOIA and EIR Experience leading an information governance or data protection function in the public sector or a large organisation Experience drafting policies, delivering training and providing specialist advice A relevant degree or equivalent professional experience A recognised qualification in Data Protection, FOI or Information Governance (e.g. CIPP) A collaborative and proactive approach, with excellent communication and influencing skills A commitment to EMCCA’s values: Lifting our region, Working together, Making an impact, and Being human You’ll be someone who thrives in a new and evolving organisation. You’ll be confident shaping systems, managing risk, and embedding a culture of excellence and accountability across all areas of governance. Why EMCCA? We’re a values-driven organisation – lifting our region, working together, making an impact, and being human. Join us and help build a prosperous, sustainable and fairer East Midlands from the ground up. This is your chance to be part of something new – shaping how information is managed, influencing best practice, and ensuring public trust in a growing regional authority. How to Apply Please submit an up-to-date CV (maximum three sides of A4), along with a cover letter outlining your experience and achievements. Your cover letter should include: Why you are interested in joining EMCCA (around 250 words) What you can bring to EMCCA, including how your skills, knowledge, and experience align to the role To apply, or for an informal discussion about the role, please contact EMCCA HR at emccahr@eastmidlands-cca.gov.uk. EMCCA is committed to building a diverse and inclusive workforce. We welcome applications from people of all backgrounds and will make reasonable adjustments to support candidates throughout the recruitment process. To apply please click the Apply Now link below.