Description:
Data Protection Manager
Location: Cambridge
We are working with a highly regarded organisation seeking a new hire for a Data Protection Manager. This is a key operational and advisory role supporting the delivery and continuous improvement of a complex privacy, information governance and AI compliance framework across a large, multi-stakeholder organisation.
The Role
Reporting into the Head of Data Protection, you will play a central role in the day-to-day running of the organisation’s data protection, privacy, AI governance and information governance activities. This is a hands-on role with real operational ownership, ideal for someone who enjoys balancing advisory work with execution and case management. You will act as a trusted point of contact for privacy matters, ensuring risks are identified, managed and escalated appropriately, while supporting the embedding of privacy by design across business operations.
Key Responsibilities
- Manage day-to-day privacy, data protection, AI governance and information governance operations
- Own and coordinate DSARs (access, erasure, rectification, objection requests) end-to-end
- Lead on data breaches and incident management, including logging, investigation support and regulatory input where required
- Support and advise on DPIAs and privacy risk assessments, embedding privacy-by-design across projects and systems
- Maintain and enhance core compliance records including ROPA, privacy risk registers, incident logs and policy documentation
- Act as first-line contact for privacy queries, triaging and escalating complex matters
- Support and review AI-related risk assessments and governance processes, including high-risk sign-off workflows
- Deliver clear reporting, metrics and insights for governance forums and senior stakeholders
- Contribute to training, awareness and privacy culture initiatives across the organisation
- Deputise for the Head of Data Protection when required
- Support wider information governance requirements, including Freedom of Information handling and records management
- Engage with stakeholders across legal, compliance, HR, technology and business teams in a matrix environment
About You
We are looking for a confident, hands-on privacy professional with strong operational experience and the ability to thrive in a complex, fast-paced environment.
Essential experience and skills:
- Proven, full-spectrum experience in data protection / privacy / information governance roles
- Experience working in a corporate, multi-layered organisation (large-scale or matrix environments preferred)
- Strong practical knowledge of GDPR and wider data protection frameworks
- Hands-on experience managing DSARs, DPIAs, breaches and privacy risk processes
- Ability to translate legal and regulatory requirements into clear, practical guidance
- Strong stakeholder management and communication skills across all levels
- Comfortable working autonomously while knowing when to escalate appropriately
- Analytical mindset with experience producing reporting and risk insights
Desirable (not essential):
- Exposure to or genuine interest in AI governance / responsible AI frameworks
- Experience working across international jurisdictions or global teams
- Familiarity with information governance frameworks beyond core privacy compliance
- Experience supporting or mentoring junior team members