Group Data Protection Compliance Manager

At Marks & Spencer, trust is at the heart of everything we do. As Group Data Protection Compliance Manager, you will play a key role in maintaining that trust by shaping and maintaining our group-wide data protection compliance framework. Sitting within our central Data Protection (DPO) Team and Legal function, this role works at the intersection of risk, compliance and innovation. You will partner closely with colleagues across the business to ensure data protection risks are well managed and clearly understood, enabling M&S to continue its digital transformation and drive responsible use of data and Artificial Intelligence. This is a brilliant opportunity to apply your expertise in a role that has genuine impact across the Group, while working in a collaborative, supportive and purpose-driven environment.

What You'll Do

• Maintain and enhance our data protection compliance framework, ensuring different elements work together effectively.
• Lead and support group-wide data protection risk management, ensuring risks are consistently identified, assessed, tracked and reported in line with our risk appetite.
• Develop, enhance and deliver clear, insightful compliance reporting and metrics for senior business partners, committees and governance forums.
• Maintain and evolve data protection policies, procedures and governance processes to ensure they remain robust, practical and sustainable.
• Support effective monitoring, assurance and audit activity to assess the design and operation of data protection controls across the Group.
• Drive improvements to data processing records, DPIAs and third-party due diligence, working collaboratively with Risk, Information Security and business teams.

Who You Are

• Strong experience working in a data protection or privacy role, with deep knowledge of UK data protection law and regulation.
• Proven ability to manage and advise on data protection risk in a complex, fast-moving organisation.
• Confidence providing pragmatic, solutions-focused advice to a wide range of business partners.
• Experience contributing to governance, reporting, monitoring or assurance activities.
• Data protection qualifications such as IAPP CIPP/E, CIPM or equivalent is desirable, but we also welcome candidates with equivalent practical experience.

What's in it for you

• 20% colleague discount on all M&S products and many third-party brands for you and someone in your household, available once you have completed your probation.
• Competitive holiday allowance with the option to buy more.
• Discretionary bonus schemes linked to your performance and ours.
• Strong pension and life assurance to help plan for the future.
• Tailored induction and training to support your development from day one.
• Exclusive perks and savings through our M&S Choices portal.
• Market-leading family policies, including parental, adoption and neonatal leave.
• 24/7 wellbeing support, including virtual GP access and mental health services.
• One paid volunteer day a year to support a cause that matters to you.

Everyone's welcome. We are ambitious about the future of retail. We’re disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together. If you feel you’d benefit from any support or reasonable adjustments during any stage of the recruitment process, please let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.