Senior Data Risk Manager (Privacy)

Senior Data Risk Manager (Privacy)

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Kennedys

At a Glance

  • Tasks: Lead data privacy initiatives and manage compliance with global regulations.
  • Company: Join Kennedys, a forward-thinking firm prioritising risk and compliance.
  • Benefits: 12-month contract with opportunities for professional growth and development.
  • Other info: Inclusive workplace committed to equal opportunities and career advancement.
  • Why this job: Make a real impact on data protection and privacy in a dynamic environment.
  • Qualifications: Expertise in GDPR, data risk management, and stakeholder engagement required.

The predicted salary is between 60000 - 80000 £ per year.

Kennedys is looking for a Senior Data Risk Manager to join our Risk & Compliance team on a 12 month fixed term contract. The role provides strategic oversight and operational leadership across data privacy, regulatory compliance and information risk. It ensures personal data is managed lawfully, securely and in line with global regulatory requirements, acting as a subject‑matter expert in data protection and privacy risk.

The Risk & Compliance team handles a wide range of partnership and risk and compliance issues for the firm and acts as an in‑house legal department. The Data Risk Team specialises in risk to data, privacy and information as well as compliance with associated regulations and best practice globally, keeping abreast of new and emerging risks associated with technology such as AI.

Key Responsibilities:
  • Act as subject‑matter expert on data protection (GDPR, UK DPA)
  • Lead DPIAs and privacy risk assessments
  • Oversee the maintenance of risk registers and mitigation plans
  • Develop privacy policies and frameworks
  • Support ISMS and ISO 27001 alignment
  • Lead incident and breach management
  • Engage stakeholders and deliver training
  • Support AI and emerging risk governance
  • Product owner for Surecloud (or equivalent) platform
  • Lead and develop team members and deputise for Head of Data Risk as required
Required Experience:
  • Strong knowledge of GDPR and global privacy laws including HIPAA, PIPA and Australian Privacy
  • Experience in data risk management and governance
  • DPIA and incident management experience
  • Understanding of ISO 27001 / ISMS
  • Demonstrable experience of assessing AI and privacy risks
  • Stakeholder engagement skills

Kennedys is an equal opportunities employer and is committed to ensuring our recruitment processes are as inclusive as possible. We expect all employees to be aware of and comply with all relevant policies and procedures within their jurisdiction, including those relating to Information Security, Data Protection and Quality Management, refer any breach promptly to Risk & Compliance and to complete all mandatory training when requested.

Kennedys

Contact Details:

Kennedys Recruitment Team

We think you need these skills to ace Senior Data Risk Manager (Privacy)

Data Protection Expertise
GDPR Knowledge
UK DPA Knowledge
DPIA Experience
Privacy Risk Assessment
Risk Management
ISO 27001 Understanding