This role is available on a remote, hybrid, or office basis. Initially, all DBS employees' contracts are office-based at one of our two sites Liverpool or Darlington. Employees can apply for remote or hybrid work from day one. If approved, the arrangement will start after six months for transfers from Home Office or after completing probation for new joiners. Requests will be considered based on business needs and role requirements. Informal hybrid working arrangements are also available from day one, subject to business needs and role requirements and will be discussed further following any job offer. Job Summary This is an exciting time to be joining the Technology and Innovation Directorate at DBS. We are in the process of replacing our legacy technology and moving to a modern, cloud-based estate. To support our next generation estate, we are modernising our service model to ensure technology supports DBS teams and delivers the DBS products and services effectively for our customers. The Senior Data Protection Manager will join the Data Protection and Security team within the Directorate. The team advises business areas on a wide range of data protection compliance issues, including impact assessments, subject access requests, data transfers and risk mitigation. This is a key role, to ensure the department meets its legal responsibilities under Data Protection legislation. Further Information To view the DBS Recruitment and On-boarding Privacy Notice, please click the link below: DBS Recruitment and On-boarding Privacy Notice - GOV.UK (www.gov.uk) Job Description Act as a data protection subject matter professional, providing specialist advice on request. Promote compliance with data protection law and ensure that appropriate communications are in place and effective. Deliver and maintain set of policies, processes and procedures that support the organisations data protection needs. Support the organisation in managing the completion and review of data protection impact assessments (DPIAs), privacy notices, and data sharing agreements and principles of privacy by design. Support the management of data incidents, breaches and individual rights requests including subject access requests (SARS), complaints and enquiries. Update, log and track the progress of all data protection related matters received from data subjects, and any external parties. Support the maintenance of the Records of Processing Activity (ROPA), organisational risks and supporting documents. Collaborate effectively and serve as the primary point of contact for business directorates, internal and external assurance team, and the Information Commissioners Office (ICO). Engage with trusted external parties in relation to privacy and data protection in relation to safeguarding objectives. To provide SME support in the investigation of data protection Incidents and breaches ensuring accurate records are maintained including corrective recommendations, reporting and escalations to DPO and self-reporting to the ICO based on the risk to data subjects. Oversee Subject Access Request (SAR) process including providing advice and guidance to colleagues, employers and customers who engage with queries, complaints or any issues relating to data subject’s rights. Review new products, policies and procedures and liaise with the supplier and business units to ensure that DP implications and risks to data subject rights are fully considered as part of a privacy by design approach. Oversee proactive compliance reviews across the business and business change activity to assess potential risk with DBS compliance with Data Protection Act Analyse breach data identifying trends, overseeing the root cause analysis, development and implementation of remediation plans are completed by the business. Making decisions around the adequacy of business processes and procedures involving processing of personal data. Leading business areas to ensure processes are embedded and improvements are implemented. Others Provide Advice and influence key decision-makers to ensure compliance with data protection legislation and the effective management of information risk. Ensure all reporting of Data Protection statistics and monthly/quarterly/annually produced reports have appropriate and accurate metrics. Line management Act as a data protection subject matter professional, providing specialist advice on request. Promote compliance with data protection law and ensure that appropriate communications are in place and effective. Deliver and maintain set of policies, processes and procedures that support the organisations data protection needs. Support the organisation in managing the completion and review of data protection impact assessments (DPIAs), privacy notices, and data sharing agreements and principles of privacy by design. Support the management of data incidents, breaches and individual rights requests including subject access requests (SARS), complaints and enquiries. Update, log and track the progress of all data protection related matters received from data subjects, and any external parties. Support the maintenance of the Records of Processing Activity (ROPA), organisational risks and supporting documents. Collaborate effectively and serve as the primary point of contact for business directorates, internal and external assurance team, and the Information Commissioners Office (ICO). Engage with trusted external parties in relation to privacy and data protection in relation to safeguarding objectives. To provide SME support in the investigation of data protection Incidents and breaches ensuring accurate records are maintained including corrective recommendations, reporting and escalations to DPO and self-reporting to the ICO based on the risk to data subjects. Oversee Subject Access Request (SAR) process including providing advice and guidance to colleagues, employers and customers who engage with queries, complaints or any issues relating to data subject’s rights. Review new products, policies and procedures and liaise with the supplier and business units to ensure that DP implications and risks to data subject rights are fully considered as part of a privacy by design approach. Oversee proactive compliance reviews across the business and business change activity to assess potential risk with DBS compliance with Data Protection Act Analyse breach data identifying trends, overseeing the root cause analysis, development and implementation of remediation plans are completed by the business. Making decisions around the adequacy of business processes and procedures involving processing of personal data. Leading business areas to ensure processes are embedded and improvements are implemented. Others Provide Advice and influence key decision-makers to ensure compliance with data protection legislation and the effective management of information risk. Ensure all reporting of Data Protection statistics and monthly/quarterly/annually produced reports have appropriate and accurate metrics. Line management Person specification Essential Skills A demonstrable understanding of the Data Protection Act 2018 (UK GPDR). Exceptional written and verbal communication skills. Ability to build relationships, lead and participate in challenging conversations at all levels of the organisation. Proven ability to efficiently manage, prioritise and deliver work to meet prescribed deadlines and outcomes. Experience of working independently and in partnership with internal and external stakeholders. Experience of working on, or with, Information Security functions, teams or projects. Experience of working in a regulated industry such as public sector, healthcare, financial services. Familiarity with cyber security standards and frameworks such as ISO 27001, NIST, Government Standards GOVs007. Excellence in working with Microsoft 365 collaboration tools. Desirable Skills Recognised privacy qualifications such as IAPP CIPP/E/T/M, BSC/ISEB or preparedness to gain qualification. Behaviours We'll assess you against these behaviours during the selection process: Delivering at Pace Making Effective Decisions Managing a Quality Service Technical skills We'll assess you against these technical skills during the selection process: Data protection legislation Alongside your salary of £42,075, Disclosure & Barring Service contributes £12,189 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. The DBS offers a number of excellent benefits for its employees. These can include: Generous annual leave entitlement Excellent maternity, paternity and adoption schemes (after a qualifying period) Commitment to the health and wellbeing of our employees Employee Assistance Programme Flexible working opportunities Eyecare voucher scheme Occupational Health Service including referrals for counselling and physiotherapy 24/7 Counselling and Wellbeing Service A Civil Service Pension with an employer contribution of 28.97% The DBS vision and purpose is to make people safer by being a visible, trusted and influential organisation, providing an outstanding quality of service to all our customers and partners, where our people understand the important safeguarding contributions they make and feel proud to work here. To do this, the DBS is committed to being an employer that is able to attract, develop, retain and engage diverse talent that is representative of the communities we serve, and to be an organisation providing outstanding service to all our existing and new customers, who are diverse and have a range of different needs. We want all our staff to be able to bring their ‘whole self’ to work. Selection process details This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Technical skills. Applying for the role To apply for this post, please provide a CV together with a suitability statement of no more than 1000 words, outlining how your skills, experience and qualifications meet the requirements of the role, including all essential criteria and the key responsibilities in the job description. Selection process As part of the recruitment process the Disclosure & Barring Service will conduct a sift exercise and interview process based on Civil Service Success Profiles. Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use. For all candidates who are successful at the initial sifting stage, you will be expected to attend a panel-based interview. This will be conduced using Microsoft Teams. The aim of the panel interview will be to assess your ability to demonstrate the following behaviours: Delivering at pace Making Effective Decisions Managing a Quality Service There will also be a technical question asked during the interview based on data protection legislation. Recruitment timetable The following timetable outlines indicative dates. Please note, these dates may be subject to change without prior notice. Closing date: 25/08/2026 at 10am The initial candidate sift is due to take place week commencing 26/08/2026 Interviews are due to take place week commencing 01/09/2026 Whilst we will endeavour to provide some flexibility with regards to dates wherever possible, it is unlikely that we will be able to offer an alternative date once an appointment has been scheduled. Feedback will only be provided if you attend an interview or assessment. This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Technical skills. Security Successful candidates must undergo a criminal record check. People working with government assets must complete baseline personnel security standard (opens in new window) checks. Successful candidates must undergo a criminal record check. People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This Job Is Broadly Open To The Following Groups UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job Contact Name : DBS People Support Team Email : dbspeoplesupportteam@dbs.gov.uk Recruitment team Email : DBSPeopleSupportTeam@dbs.gov.uk