Serco Limited
Here at Serco, we’re looking for an experienced and operationally sharp Data Privacy Advisor to join our UK and Europe Data Protection Team, embedded within the Enterprise Data Office. This is an opportunity to do privacy work that genuinely matters — advising on complex, real-world data challenges across a business that delivers essential public services to millions of people every day. From justice and defence to health and transport, the data Serco handles is sensitive, high‑stakes, and subject to significant public and regulatory scrutiny. You’ll not be maintaining a steady state — you’ll be building something.
Reporting to the Head of Data Governance and Management, you’ll work closely with the Data Protection Officer, senior stakeholders, and operational leads across the business to drive forward Serco’s data protection compliance and accountability. You’ll also be the person who develops and embeds a network of Data Protection Champions across functions, business units, and contracts — shaping a culture of data responsibility from the ground up.
As part of this you’ll:
* Provide hands‑on operational advice and guidance on data protection and privacy matters across the full data lifecycle
* Lead on Data Protection Impact Assessments (DPIAs), individual rights requests, and breach management — identifying root causes, assessing risk, and advising on reporting obligations to regulatory bodies
* Build and develop a network of Data Protection Champions and Leads across the business
* Review and advise on data protection policies, operating procedures and associated documentation
* Provide guidance on data sharing compliance and support supplier and customer contracting activity from a data protection perspective
* Develop and deliver training and awareness materials across the business
* Support the Data Protection Officer (UK and Europe) and Group General Counsel on matters of compliance, risk, and regulatory change
* Contribute to global data operations and international legislation workstreams, adding real breadth to your experience
What you’ll need to do the role:
* Solid, demonstrable hands‑on experience of GDPR, DPA 2018 and UK/EU data protection legislation — this is the foundation of everything
* Proven operational delivery across DPIAs, individual rights and breach management
* The ability to advise and influence at all levels — from operational colleagues through to senior executives and legal counsel
* Experience operating in a matrix organisation across multiple stakeholders, sites, and business areas
* Confidence developing and delivering training and communications on complex regulatory topics
* CIPP, CIPM or a GDPR Practitioner Certificate is a plus — but if your experience speaks for itself, we want to hear from you
* The pragmatism to translate complex legislative requirements into practical, workable solutions for a large and diverse business
#J-18808-Ljbffr