Data Protection and Assurance Officer | Greater Manchester | Hybrid | £52,000 - £55,000 pa | 12 Month FTC
Castlefield Recruitment are currently working in partnership with a regulated organisation in the Housing sector to recruit a Data Protection & Assurance Lead on a 12 month fixed term basis.
This is a newly developed, high-profile role that will combine strategic and operational responsibilities across data protection, assurance, and compliance. Acting as the named Data Protection Officer, you will lead on ensuring organisation-wide GDPR compliance, while also supporting broader risk and assurance functions.
Key Responsibilities
Data Protection (DPO):
1. Act as the named Data Protection Officer for the organisation
2. Lead on the review and development of data protection policies and procedures
3. Oversee GDPR compliance and maintain up-to-date records of processing activity
4. Manage data sharing agreements, breach reporting, DPIAs and Subject Access Requests
5. Work with internal teams to embed best practice data governance across operations
6. Raise awareness through training and guidance to all levels of staff
7. Act as first point of contact for the ICO and data subjects
8. Monitor legislative developments such as the Data Usage and Access Act 2025
Assurance & Compliance:
9. Support the delivery of the quarterly internal assurance cycle
10. Monitor compliance with regulatory and legal frameworks (e.g. Social Housing Regulation Bill)
11. Maintain internal audit action trackers and policy frameworks
12. Support the preparation of reports to senior leadership and board-level committees
13. Assist in the review of legal updates and ensure organisational readiness
14. Collaborate with internal teams to manage the Asset & Liabilities Register and Risk Register
15. Promote a culture of continuous improvement, transparency, and accountability
Experience and Skills Required
1. Proven experience in a data protection, governance, or compliance role (ideally as DPO or similar)
2. Strong understanding of UK GDPR and other relevant regulatory requirements
3. Experience working in a regulated environment (housing, healthcare, public sector etc.)
4. Ability to interpret complex legislation into operational practice
5. Confident managing internal assurance or audit processes
6. Excellent communication skills and stakeholder engagement experience
7. Relevant data protection qualification (e.g. CIPP/E, CIPM) is desirable but not essential