Data Protection Officer (DPO) - London - Outside IR35
Posted Today by Strike IT Recruitment Services
Negotiable
Outside
Hybrid
London Area, United Kingdom
Summary: The Data Protection Officer (DPO) role is a contract position based in London, focusing on enhancing the organization's data protection framework and ensuring compliance with UK GDPR and privacy regulations. The DPO will provide expert guidance across various business functions, manage data protection policies, and support key business initiatives. This position offers hybrid working arrangements and is classified as outside IR35. The contract is initially for three months with a likelihood of extension.
Key Responsibilities:
- Act as the organisation's Data Protection Officer, providing expert advice on UK GDPR, Data Protection Act 2018 and privacy legislation.
- Review, develop and enhance data protection policies, standards and governance frameworks.
- Advise stakeholders on privacy-by-design principles across projects, systems and business initiatives.
- Conduct and review Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs).
- Manage and oversee data breach processes, investigations and regulatory reporting where required.
- Provide guidance on data sharing agreements, supplier contracts and third-party risk from a privacy perspective.
- Support responses to Data Subject Access Requests (DSARs) and other individual rights requests.
- Deliver privacy training and increase awareness across the business.
- Work closely with Legal, IT, Security, HR and operational teams to ensure ongoing compliance.
- Monitor regulatory developments and recommend improvements to the organisation's privacy framework.
- Prepare reporting for senior leadership on compliance, risks and recommendations.
Key Skills:
- Proven experience operating as a Data Protection Officer (DPO) or Senior Data Privacy Consultant.
- Strong knowledge of: UK GDPR, Data Protection Act 2018, PECR, ICO guidance and regulatory expectations.
- Experience developing and implementing privacy governance frameworks.
- Strong experience completing DPIAs, privacy risk assessments and compliance reviews.
- Experience advising on third-party supplier risk and data processing agreements.
- Ability to interpret legislation and translate it into practical business guidance.
- Excellent stakeholder management skills with experience engaging senior leadership.
- Strong communication skills, both written and verbal.
- Ability to work independently within a fast-paced environment.
Salary (Rate): undetermined
City: London
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: Other
Data Protection Officer (DPO) – Contract
Location: London (Hybrid Working)
Contract: Initial 3 Months (Likely Extension)
Engagement: Outside IR35
The Opportunity
We are seeking an experienced Data Protection Officer (DPO) to join a leading organisation on an initial 3-month contract. This is an excellent opportunity to lead and strengthen the organisation's data protection framework, ensuring compliance with UK GDPR and wider privacy regulations while supporting key business initiatives. Working across multiple business functions, you will provide expert guidance on data privacy, governance and regulatory compliance, helping the organisation embed best practice across all areas of the business. This role offers hybrid working and sits outside IR35.
Key Responsibilities
- Act as the organisation's Data Protection Officer, providing expert advice on UK GDPR, Data Protection Act 2018 and privacy legislation.
- Review, develop and enhance data protection policies, standards and governance frameworks.
- Advise stakeholders on privacy-by-design principles across projects, systems and business initiatives.
- Conduct and review Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs).
- Manage and oversee data breach processes, investigations and regulatory reporting where required.
- Provide guidance on data sharing agreements, supplier contracts and third-party risk from a privacy perspective.
- Support responses to Data Subject Access Requests (DSARs) and other individual rights requests.
- Deliver privacy training and increase awareness across the business.
- Work closely with Legal, IT, Security, HR and operational teams to ensure ongoing compliance.
- Monitor regulatory developments and recommend improvements to the organisation's privacy framework.
- Prepare reporting for senior leadership on compliance, risks and recommendations.
Required Skills & Experience
- Proven experience operating as a Data Protection Officer (DPO) or Senior Data Privacy Consultant.
- Strong knowledge of: UK GDPR Data Protection Act 2018 PECR ICO guidance and regulatory expectations
- Experience developing and implementing privacy governance frameworks.
- Strong experience completing DPIAs, privacy risk assessments and compliance reviews.
- Experience advising on third-party supplier risk and data processing agreements.
- Ability to interpret legislation and translate it into practical business guidance.
- Excellent stakeholder management skills with experience engaging senior leadership.
- Strong communication skills, both written and verbal.
- Ability to work independently within a fast-paced environment.
Desirable Experience
- Experience within property, hospitality, venues, events, real estate or customer-facing organisations.
- Knowledge of ISO 27001 and information security governance.
- Experience working alongside Cyber Security and Information Security teams.
- Privacy certifications such as: CIPP/E CIPM BCS Data Protection Practitioner
- Experience supporting organisations through privacy audits or ICO enquiries.