Principal Policy Adviser – Enterprise in London

One permanent and two fixed term contracts

Full time / Part time

Salary: £57,815 - £65,021, with potential for further progression to £73,211 with our pay progression scheme.

Location: Hybrid Contracted to our London, Wilmslow, Edinburgh, Cardiff or Belfast office. Our Wilmslow office will be relocating to Manchester city centre from 28 September 2026. Once the move takes place your contracted office will be Circle Square, Manchester. Through hybrid working we offer flexible home and office-based working opportunities and there will be times when you will be expected to attend the office to collaborate with colleagues or travel due to business need.

This role is open to secondment opportunities. If you are interested in a secondment with the ICO please email recruitment@ico.org.uk.

Why work for the ICO?

• Pay progression scheme.
• Hybrid and flexible working options.
• 25 days paid holiday per year, plus privilege and public holidays.
• Flexi leave (up to 26 additional days leave per year).
• Pension (employer contribution around 28.9%).
• Online discount scheme to save money at major supermarkets, retailers, gyms, restaurants, insurance providers and many more.
• Health Cash Plan.
• Fantastic development opportunities to learn and progress.

Job summary

The Digital Firms and Online Safety teams are fast‑paced and handle some of the ICO’s highest‑profile issues, including the role of data protection in novel technologies, offering a strong opportunity to contribute to the ICO’s work as a leading UK and global regulator. As a Principal Policy Adviser, you will provide expert analysis on complex, high‑priority data protection matters such as AI and children’s privacy, while leading collaborative work across the ICO and drawing on colleagues’ technical, legal, and operational expertise.

The Information Commissioner’s Office (ICO) is the independent regulator of information rights. In a data-driven world, we provide advice, guidance, and support to organisations enabling compliance with their obligations, as well as protecting individuals and their personal data.

As an employer, we are passionate about making a positive difference to the lives and careers of our people, and we empower you to be curious, impactful, collaborative and respectful.

The ICO’s Enterprise Department sits within the ICO’s Regulatory Risk & Innovation Directorate. We are charged with influencing the most significant firms and sectors in the digital economy to demonstrate high standards of data protection across their full range of products and activities. We deliver this work in partnership with the UK’s other major digital regulators, including through the Digital Regulation Cooperation Forum (DRCF), which brings together Ofcom, the Competition and Markets Authority, Financial Conduct Authority and the ICO to maximise the synergies between our regulatory regimes.

We are looking for three Principal Policy Advisers to join our Digital Firms and Online Safety teams.

• Digital Firms Team (1 x Permanent; 1 x Fixed term until March 2027) – The Digital Firms team is responsible for the ICO’s supervision of the highest priority ‘big tech’ firms operating in the UK digital economy (including GAMAM). You will be responsible for leading the ICO’s strategic approach to supervising the activities of big tech platforms, to drive changes in how these firms approach data processing in high priority areas (e.g. AI, children’s privacy).
• Online Safety Team (Fixed term until May 2027) – The Online Safety team owns and leads the ICO’s relationship with Ofcom. You will be responsible for managing the ICO’s strategic approach to the intersection of the UK’s online safety and data protection laws, to protect people and improve regulatory certainty. You will also be responsible for leading strategic regulatory interventions to drive changes in industry approaches to data processing in high priority areas relating to online safety.

You will have significant autonomy and work closely with senior colleagues, including the ICO Executive and Senior Leadership Teams, providing expert advice in briefings and external engagements. The role requires decisiveness, a proactive approach, and effective collaboration across the ICO and with external stakeholders to shape and effectively communicate emerging strategy and policy.

You will be expected regularly to brief senior colleagues, including producing issue notes / policy position papers and leading presentations on complex and often novel issues. You will be fully conversant with relevant legislation and political, technology, social, and legal developments relevant to your areas of work, to support effective senior decision-making.

Key responsibilities:

• Provide expert insight and analysis into emerging data protection and information rights matters relevant to the Digital Firms or Online Safety team’s remit, including identifying priority regulatory issues and developing ICO responses.
• Lead fast-paced multi-disciplinary policy and supervisory projects to address data protection issues, including leading the development of ICO strategic approaches to emerging policy and compliance issues and making use of the ICO’s regulatory powers as appropriate.
• Provide strategic advice to the ICO’s Executive Team and broader senior leadership, including delivering high-quality written and verbal briefings, policy papers, and analysis to support decision-making regarding potential regulatory interventions.
• Build and maintain excellent working relationships with key internal stakeholders to collaboratively deliver strategic priorities and regulatory interventions (e.g. policy development, upstream supervision, and use of the ICO’s regulatory powers).
• Build and maintain effective regulatory relationships with key external stakeholders, including the most significant firms in the UK digital economy. This includes effective scrutiny of priority products and activities, and sometimes having challenging conversations with senior stakeholders, to influence and drive improvements.
• Contribute to managing the ICO’s relationship with Ofcom, including leading the development of ICO input into external consultations and policy discussions as needed.
• Represent the ICO at internal and external forums (such as the DRCF) and events, including clearly communicating ICO policy positions, developing networks relevant to your role, and enhancing the ICO’s public reputation.
• Proactively develop legislative expertise, keeping abreast of developments in all information rights legislation and regulations overseen by the ICO, alongside other relevant legislative, social and political developments in the UK and internationally.
• Contribute to thought leadership in the Enterprise Department to influence the ICO’s regulatory approach on priority issues (e.g. AI and children’s privacy).

Person specification

Essential criteria assessed at application stage:

• Significant professional experience in digital privacy, policy, or regulatory environments.
• Experience of leading successful projects from concept to sign-off (also measured at interview).
• Experience of interpreting complex information which could include legislation or operational rules and procedures. Experience of applying data protection or associated legislation will be an advantage (also measured at interview).
• Excellent written communication skills, including the ability to analyse complex information and legislation, and to formulate clear and persuasive arguments for a range of audiences (also measured at interview).
• A strong understanding of the wider parliamentary, democratic, political and regulatory framework in the UK and internationally (also measured at interview).

Essential criteria assessed during interview:

• Excellent understanding of the technology sector and digital economy, including associated data protection issues.
• Excellent verbal communication and presentation skills and an ability to represent the ICO with a range of stakeholders.
• Excellent interpersonal skills, including the ability to negotiate and maintain good relationships with senior stakeholders.
• Ability to work under pressure and manage competing priorities.
• Ability to travel to meetings and events in the UK and overseas (possibly outside office hours).

Equality, diversity, and inclusion

The ICO is committed to promoting and enhancing equality, diversity, and inclusion. We are focused on developing a workforce that is representative of the communities we serve and together we are building an inclusive workplace where all of our colleagues have the opportunity to make a real difference. We are championing this through our Equality Diversity and Inclusion Board together with a number of staff networks. Read more about our commitment on our website.

Candidates with a disability who meet the minimum criteria for this vacancy will be invited to interview as part of the ICO’s commitment to the Disability Confident Scheme. As part of the ICO’s commitment to our EDI objectives and creating a workplace that represents the communities and societies we serve, we guarantee an interview to candidates who declare they identify as belonging from an ethnic minority background and who meet the minimum criteria for this vacancy.

If you are disabled or have an impairment and require an alternative application method, please email the HR team at recruitment@ico.org.uk.

Closing Date

Please submit your CV and cover letter by 23:59, 20 May. Your cover letter should be no more than 1,000 words and should clearly demonstrate how you meet the essential criteria for the role. We may close this vacancy early if we receive a high volume of applications. To ensure your application is considered, we encourage you to apply as soon as possible. If you require any reasonable adjustments to support your application, please contact us at recruitment@ico.org.uk.

In the event of a high volume of applications, we may not be able to invite all candidates who meet the minimum criteria to interview. However, we encourage you stay in touch and apply for future roles that match your interests. All candidates who meet the minimum criteria and apply in-line with our guaranteed interview scheme for disabled and ethnic minority applicants will be interviewed.

Clearance Required for this role: Baseline Personnel Security Standard (BPSS)