- Company Name
- Save the Children International
- Job Title
- Lead, Data Protection
- Job Description
-
**Job Title:** Lead, Data Protection
**Role Summary:**
Global operational lead responsible for overseeing data protection and privacy compliance across the organization. Provides strategic direction, governance, and advisory support to meet UK GDPR and other global data protection obligations, reporting to the Head of Information Security Services.
**Expectations:**
- Demonstrate expert knowledge of UK GDPR and major privacy frameworks.
- Lead the development and implementation of a cohesive data protection strategy and governance model adaptable to diverse regulatory environments.
- Manage cross‑functional teams, senior stakeholders, and country offices to ensure consistent application of privacy standards.
**Key Responsibilities:**
- Coordinate global implementation of data protection and privacy compliance frameworks across all entities.
- Develop and deliver the Global Data Protection Strategy, risk framework, and governance model.
- Maintain and continuously enhance data protection policies, procedures, and guidance documents.
- Design, lead, and oversee assurance activities including audits, reviews of data handling practices, data sharing, and retention.
- Monitor compliance gaps, provide strategic reporting, and elevate issues to the Data Protection Officer.
- Lead incident response for personal data breaches, documenting incidents and coordinating follow‑up actions.
- Manage data subject rights requests, ensuring timely, high‑quality compliance.
- Design and deliver training and awareness programs to embed a culture of privacy and data protection organization‑wide.
- Prepare reports, dashboards, and materials for the Data Protection Steering Committee.
- Act as subject matter expert on regulatory developments, advising on operational impacts and guiding global teams.
**Required Skills:**
- Deep expertise in UK GDPR and major privacy frameworks.
- Proven experience leading data protection compliance activities, including incident management and subject rights response.
- Strong knowledge of information technology and data management systems.
- Ability to translate compliance risks into practical, context‑specific solutions.
- Excellent written and verbal communication; ability to draft policies, procedures, and guidance.
- Strong interpersonal skills with the capacity to engage and challenge senior stakeholders constructively.
- Strategic prioritization and resource management in complex environments.
**Required Education & Certifications:**
- Degree or diploma in Law, International Development, Computer Science, Business Technology, Cybersecurity, Information Security, or equivalent professional experience.
- Recognised privacy qualification (e.g., CIPP, ISEB, C‑DPO).
**Desirable Certifications:**
- IT security or assurance certification (ISO27001 Implementer, CISSP, CISM).
- Experience in large, complex, or global organisations; exposure to project or change management activities.