Data Protection Officer

About the Company - A leading IT consultancy have won a bid for a project with a Magic Circle law firm and are seeking a Data Protection Officer to ensure the data migration project they are undertaking meets the highest standards of privacy and compliance to safeguard sensitive client and business information. Azure experience is preferred.

Role: Data Protection Officer

Location: Remote

Rate: DOE

Length: Initial 6 months + chance for extension

Responsibilities:

• Design and implement technical solutions to embed data privacy principles (such as data minimisation, purpose limitation, and privacy by design) into systems and processes.
• Collaborate with data engineers, architects, and product teams to integrate privacy-enhancing technologies (PETs) and ensure data protection is considered throughout the development lifecycle.
• Build and maintain tools and automation for privacy-related tasks, such as data classification, data discovery, and consent management.
• Work closely with data protection and legal teams to interpret privacy requirements and translate them into technical controls and system configurations.
• Support the implementation and maintenance of privacy compliance frameworks aligned with regulations such as the UK GDPR, EU GDPR, and relevant international standards.
• Conduct technical assessments and risk analyses related to data flows, storage, and processing activities.
• Implement and monitor mechanisms for data subject rights (e.g., access, erasure, rectification) and ensure timely and accurate responses.
• Ensure robust logging, auditing, and reporting mechanisms are in place to support transparency and accountability.
• Contribute to incident response processes by providing technical expertise in the event of a data breach or security incident.
• Stay informed of emerging technologies, privacy risks, and regulatory changes, and assess their impact on existing systems and practices.
• Assist in defining and maintaining data retention policies and secure deletion procedures.

Key Skills Required:

• Strong understanding of data protection laws and regulations, including the UK GDPR, EU GDPR, Data Protection Act 2018, and relevant international frameworks.
• Technical proficiency in data architecture, software engineering, or systems design, with experience embedding privacy requirements into digital products and infrastructure.
• Knowledge of privacy-enhancing technologies (PETs) such as data anonymisation, pseudonymisation, differential privacy, and encryption techniques.
• Experience with data discovery, classification, and mapping tools to track data flows and processing activities across systems.
• Familiarity with cloud platforms and architectures, ideally Azure, and how to implement privacy controls in cloud-native environments.
• Understanding of secure software development practices, including privacy-by-design and privacy-by-default principles.
• Hands-on experience with identity and access management (IAM), role-based access control (RBAC), and user consent mechanisms.
• Proficiency in scripting or programming languages (e.g. Python, Java, Go, or JavaScript) for automating privacy controls or integrating with APIs.
• Ability to work cross-functionally with legal, security, product, and engineering teams to deliver privacy-compliant solutions.
• Strong problem-solving and analytical skills, with the ability to assess complex systems and identify privacy risks.
• Excellent communication skills, capable of explaining technical privacy concepts to both technical and non-technical stakeholders.
• Familiarity with data protection management tools (e.g. OneTrust, TrustArc, BigID).

If you feel this role is of interest please apply now!