Job Specifications
We are Two Circles. We are a Sports & Entertainment Marketing business. We drive growth for sports properties by delivering deeper connections with fans through the intelligent use of data and technology.
We work with clients to help them understand & influence what their fans are doing - the way fans spend their money, the events that fans attend, the channels fans respond to, the content fans watch and more. And we use the understanding this gives us to help our clients grow. Grow their audiences and grow their revenues - both direct to consumer and business to business revenues.
Our platforms and services are trusted by over 900 clients globally, including the English Premier League, Red Bull, UEFA, VISA, the NFL, Nike and Amazon. We are almost 1000 people, based out of 14 offices, and we deliver work for sports and entertainment businesses of all shapes and sizes all over the world
Data is at the centre of our approach - helping clients to better understand their customers and deliver insights that influence top-level decision-making. From there, we develop digital products and integrate data and technology solutions that grow audiences and revenue across ticketing, participation, sponsorship and media.
JOB DESCRIPTION
As a Data Protection Officer at Two Circles, you will have the opportunity to drive and shape the privacy compliance and AI governance frameworks across one of the world's leading and fastest-growing sports and entertainment marketing and technology businesses. We are looking for someone who is comfortable working at pace and responsibly balancing the demands of maintaining a first-class privacy programme with enabling high levels of growth for Two Circles and our clients.
You will be responsible for our global privacy framework being continually improved and deeply embedded within our business. Reporting to the Group General Counsel, you will act as a trusted senior advisor within the business, providing pragmatic, risk-based executive-level guidance that enables growth while ensuring strong regulatory compliance and protection of personal data. This is a hands-on leadership role, requiring a combination of strategic oversight and deep technical expertise.
You will work closely with senior stakeholders across our Technology, Legal, Cybersecurity, Product, Operations and client-facing teams, embedding data protection as a business enabler .
You will also mentor and support more junior privacy colleagues and data protection champions across the business, helping to raise overall maturity and capability.
KEY RESPONSIBILITIES
Leadership & Strategy
Act as a senior subject-matter expert on data protection and AI governance across the organisation
Set and deliver the global privacy strategy and roadmap
Provide clear, commercially aware advice on privacy risk, compliance and mitigation
Governance, Risk & Compliance
Own and oversee core compliance artefacts, including ROPA, DPIAs, risk registers and policy frameworks
Ensure ongoing compliance with applicable regulations
Lead internal and external audits across relevant frameworks
Manage and continually improve privacy governance, controls and reporting
Manage international data transfers on a global basis
Privacy by Design & Technology
Embed Privacy by Design and Security by Design principles into product development, solution architecture and client delivery
Partner closely with Technology and Product teams to influence design decisions
Provide expert oversight of technical data protection controls
Identify and implement opportunities to automate and enhance privacy and security controls across the business
Incident Management & Assurance
Lead and coordinate responses to data protection and information security incidents, including investigation, remediation and regulatory engagement where required
Oversee third-party and vendor due diligence, contract reviews and ongoing assurance
Support internal stakeholders with complex assurance, audit and client security questionnaires
Training & Culture
Design and deliver training and awareness programmes to upskill colleagues on data protection and information security
Champion a strong culture of accountability, good practice and continuous improvement across Two Circles
Requirements
Essential:
Significant experience in a data protection, privacy or information governance role (typically 6-10+ years)
Strong, practical knowledge of UK GDPR, EU GDPR,PECR, CCPA and other relevant global privacy legislation
Experience working with ISO 27XXX frameworks and audits
Proven ability to lead risk management and governance activities
Strong understanding of technical implementations of data protection controls
Ability to tailor advice through a clear, risk-based and commercially pragmatic lens. Capable of knowing when to explain "why", when to describe "how", and of always seeing the big picture.
Deep understanding of Privacy by Design and Security by Design and the ability to influence c
About the Company
Founded in 2011, Two Circles is an international sports and entertainment marketing business that leverages data and knowing fans best, to help organizations grow audiences and revenues.
From thirteen international offices, Two Circles works with some of the biggest names in sports and entertainment, including the NFL, Premier League, UEFA and EA. The business uses data to grow the volume and value of fan relationships across all channels, to increase revenue across media rights, sponsorship, retail and licensing and ti...
Know more