Security Control Centre Data Protection Manager in Glasgow

For jobs located in Wales, the ability to speak Welsh is desirable. The Department for Work and Pensions (DWP) is one of the government’s largest public service departments with a sizeable annual budget, serving over 20 million citizens. The estate spans 1.4 million square metres across 800+ sites and supports around 78,000 colleagues. Our vision includes DWP colleagues, supply chain, partners and, most fundamentally, the customers the Department exists to serve. They are the reason for our existence.

We are responsible for the day-to-day operation of our vast Estate by managing a private sector supply chain that delivers essential services such as Security Guarding, Maintenance, Property and Leasehold Management, Construction, Cleaning and Facilities Management. DWP Estates is not just about maintaining buildings - it’s about transformation.

Our strategic goals include:

• Transitioning to a smaller, more affordable, and adaptable estate to meet future needs
• Investing in infrastructure through planned replacement works
• Embedding sustainability in line with Government Greening Commitments (GGCs)
• Delivering cost-effective services while maintaining high standards
• Creating a professional, best-in-class working culture across the Government Property profession

Our Estates strategy ambitions have been refreshed to take us through to 2030:

• OPTIMISE: Continue to transition to a more affordable and adaptable DWP estate that creates productive environments
• INVEST: Investment in an improved environment that better meets the needs of customers and colleagues and minimises service disruption
• SUPPORT: the drive for sustainability throughout DWP
• DELIVER: Expertly deliver improving, cost-effective services for DWP
• THRIVE: Continue to develop a working culture for DWP Estates that is best in class across government

There is no better time to join the award winning DWP Estates team. The Security Control Centre (SCC) Data Protection Manager will set up Data Protection processes and manage all related Data Protection enquiries for the Security Control Centre. They will ensure that all personal data handled by the SCC and DWP will be done so in compliance of Data Protection legislation and follows DWP’s Data Protection principles. The role will be appointed to the Security Control Centre only but there is an expectation the successful applicant will have a strong working relationship with the main DWP Data Protection team and other Government Departments where necessary.

Key accountabilities:

• Lead the interpretation, implementation, and ongoing management of the Data Protection Act 2018, UK GDPR, and relevant ICO guidelines, ensuring the department’s processes are fully compliant.
• Act as point of contact for senior stakeholders internal and external for all data protection questions, providing explanation and assurance around data protection implications and guiding policy decisions.
• Advise senior leadership on UK GDPR/DPA 2018 compliance, emerging regulatory trends, and risk appetite implications.
• Monitor and review new legislation, including Data (Use & Access) Act 2025 (DUAA), to ensure business processes and practices remain fully compliant with regulatory requirements.
• Define privacy requirements for projects, systems, and estates platforms.
• Develop, review, and refine departmental policies and procedures to ensure they reflect best practice, legal requirements, and efficient workflows.
• Review and assess existing processes to confirm their legal basis, implementing appropriate mitigations such as Legitimate Impact Assessments (LIA) where required.
• Provide real-time advice and guidance to staff, internal stakeholders, and suppliers regarding data rights and responsibilities.
• Lead Data Protection Impact Assessments (DPIAs) for new systems, projects, and processes; maintain high standards and report outcomes.
• Identify Data Protection Risks and provide appropriate mitigations to ensure they are within risk appetite.
• Map and analyse departmental data flows to identify points of risk, ensure proper controls are in place, and maintain governance documentation.
• Draft, evaluate, and negotiate Data Sharing Agreements and supplier contracts with robust data protection clauses.
• Ensure onboarding of third-party data processors aligns with legal requirements and manage ongoing compliance oversight.
• Review contracts to ensure appropriate Data Protection Clauses are in place.
• Engage and build strong working relationships with internal and external stakeholders to better understand and meet their needs.
• Provide leadership by coaching and mentoring junior staff, helping them develop and maintain best practice in data protection.
• Influence a culture of data privacy and security through workshops, training, and strategic communications.
• Support integrated governance between Data Protection, Information Security, and FOI functions, ensuring consistency with DWP and Civil Service policies.
• Monitor compliance metrics, maintain oversight of compliance activities, and raise concerns or improvements to the Security & Data Protection Senior Leadership Team.
• Experience of high-level collaboration with key stakeholders in problem solving, managing and escalating issues.
• Excellent written and oral communication. Experienced report and business case writer.