Principal Policy Adviser – Enterprise in London

One permanent and two fixed term contracts

Full time / Part time

Salary: £57,815 - £65,021, with potential for further progression to £73,211 with our pay progression scheme.

Location: Hybrid. Contracted to our London, Wilmslow, Edinburgh, Cardiff or Belfast office. Our Wilmslow office will be relocating to Manchester city centre from 28 September 2026. Once the move takes place your contracted office will be Circle Square, Manchester. Through hybrid working we offer flexible home and office-based working opportunities and there will be times when you will be expected to attend the office to collaborate with colleagues or travel due to business need.

This role is open to secondment opportunities.

• Pay progression scheme.
• Hybrid and flexible working options.
• 25 days paid holiday per year, plus privilege and public holidays.
• Flexi leave (up to 26 additional days leave per year).
• Pension (employer contribution around 28.9%).
• Online discount scheme to save money at major supermarkets, retailers, gyms, restaurants, insurance providers and many more.
• Health Cash Plan.
• Fantastic development opportunities to learn and progress.

The Digital Firms and Online Safety teams are fast‐paced and handle some of the ICO’s highest‐profile issues, including the role of data protection in novel technologies, offering a strong opportunity to contribute to the ICO’s work as a leading UK and global regulator. As a Principal Policy Adviser, you will provide expert analysis on complex, high‐priority data protection matters such as AI and children’s privacy, while leading collaborative work across the ICO and drawing on colleagues’ technical, legal, and operational expertise.

The Information Commissioner’s Office (ICO) is the independent regulator of information rights. In a data-driven world, we provide advice, guidance, and support to organisations enabling compliance with their obligations, as well as protecting individuals and their personal data.

As an employer, we are passionate about making a positive difference to the lives and careers of our people, and we empower you to be curious, impactful, collaborative and respectful.

The ICO’s Enterprise Department sits within the ICO’s Regulatory Risk & Innovation Directorate. We are charged with influencing the most significant firms and sectors in the digital economy to demonstrate high standards of data protection across their full range of products and activities. We deliver this work in partnership with the UK’s other major digital regulators, including through the Digital Regulation Cooperation Forum (DRCF), which brings together Ofcom, the Competition and Markets Authority, Financial Conduct Authority and the ICO to maximise the synergies between our regulatory regimes.

We are looking for three Principal Policy Advisers to join our Digital Firms and Online Safety teams.

Digital Firms Team (1 x Permanent; 1 x Fixed term until March 2027) – The Digital Firms team is responsible for the ICO’s supervision of the highest priority ‘big tech’ firms operating in the UK digital economy (including GAMAM). You will be responsible for leading the ICO’s strategic approach to supervising the activities of big tech platforms, to drive changes in how these firms approach data processing in high priority areas (e.g. AI, children’s privacy).

Online Safety Team (Fixed term until May 2027) – The Online Safety team owns and leads the ICO’s relationship with Ofcom. You will be responsible for managing the ICO’s strategic approach to the intersection of the UK’s online safety and data protection laws, to protect people and improve regulatory certainty. You will also be responsible for leading strategic regulatory interventions to drive changes in industry approaches to data processing in high priority areas relating to online safety.

You will have significant autonomy and work closely with senior colleagues, including the ICO Executive and Senior Leadership Teams, providing expert advice in briefings and external engagements. The role requires decisiveness, a proactive approach, and effective collaboration across the ICO and with external stakeholders to shape and effectively communicate emerging strategy and policy.

You will be expected regularly to brief senior colleagues, including producing issue notes / policy position papers and leading presentations on complex and often novel issues. You will be fully conversant with relevant legislation and political, technology, social, and legal developments relevant to your areas of work, to support effective senior decision-making.

Key responsibilities:

• Provide expert insight and analysis into emerging data protection and information rights matters relevant to the Digital Firms or Online Safety team’s remit, including identifying priority regulatory issues and developing ICO responses.
• Lead fast-paced multi-disciplinary policy and supervisory projects to address data protection issues, including leading the development of ICO strategic approaches to emerging policy and compliance issues and making use of the ICO’s regulatory powers as appropriate.
• Provide strategic advice to the ICO’s Executive Team and broader senior leadership, including delivering high-quality written and verbal briefings, policy papers, and analysis to support decision-making regarding potential regulatory interventions.
• Build and maintain excellent working relationships with key internal stakeholders to collaboratively deliver strategic priorities and regulatory interventions (e.g. policy development, upstream supervision, and use of the ICO’s regulatory powers).
• Build and maintain effective regulatory relationships with key external stakeholders, including the most significant firms in the UK digital economy. This includes effective scrutiny of priority products and activities, and sometimes having challenging conversations with senior stakeholders, to influence and drive improvements.
• Contribute to managing the ICO’s relationship with Ofcom, including leading the development of ICO input into external consultations and policy discussions as needed.
• Represent the ICO at internal and external forums (such as the DRCF) and events, including clearly communicating ICO policy positions, developing networks relevant to your role, and enhancing the ICO’s public reputation.
• Proactively develop legislative expertise, keeping abreast of developments in all information rights legislation and regulations overseen by the ICO, alongside other relevant legislative, social and political developments in the UK and internationally.
• Contribute to thought leadership in the Enterprise Department to influence the ICO’s regulatory approach on priority issues (e.g. AI and children’s privacy).

Person specification

Essential criteria assessed at application stage:

• Significant professional experience in digital privacy, policy, or regulatory environments.
• Experience of leading successful projects from concept to sign-off.
• Experience of interpreting complex information which could include legislation or operational rules and procedures. Experience of applying data protection or associated legislation will be an advantage.
• Excellent written communication skills, including the ability to analyse complex information and legislation, and to formulate clear and persuasive arguments for a range of audiences.
• A strong understanding of the wider parliamentary, democratic, political and regulatory framework.