Legal & Data Protection Officer in City of London

Legal & Data Protection Officer in City of London

City of London Full-Time 30000 - 40000 Β£ / year (est.) No working from home possible
Meritus

At a Glance

  • Tasks: Support privacy and AI governance initiatives while collaborating with diverse teams.
  • Company: Leading software organisation focused on responsible innovation.
  • Benefits: Competitive pay, remote work, and a chance to shape AI governance.
  • Other info: Join a specialist compliance team with excellent career growth opportunities.
  • Why this job: Make a real impact in data protection and AI governance within a dynamic environment.
  • Qualifications: CIPP/E-qualified with 4-5 years' experience in data protection or AI governance.

The predicted salary is between 30000 - 40000 Β£ per year.

MERITUS are recruiting for a Data Protection & AI Governance Business Partner to join a leading software organisation, supporting enterprise-wide privacy, compliance, and responsible AI initiatives across a diverse portfolio of technology products and services.

This role requires a CIPP/E-qualified Data Protection professional with 4-5 years' experience working within a software house, SaaS provider, or technology-led organisation in a similar Data Protection, Privacy, or AI Governance position.

As a Data Protection & AI Governance Business Partner, you will play a key role in operationalising privacy and AI governance frameworks, delivering expert advisory services, and supporting responsible innovation across the business. Working within a specialist compliance team, you will partner closely with Product, Engineering, Technology, Operations, HR, Legal, and Security teams to ensure privacy and AI governance requirements are embedded throughout the organisation.

This is an excellent opportunity for an experienced privacy professional with a strong background in GDPR compliance, supplier assurance, privacy impact assessments, and emerging AI governance practices within a software development environment.

  • Lead supplier assurance reviews for AI systems and data protection matters, assessing contractual and technical controls and approving supplier assurance outcomes within delegated authority.
  • Lead and facilitate Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), and AI Impact Assessments.
  • Review privacy and AI risks, recommending practical mitigations and assessing readiness for implementation.
  • Act as a trusted advisor to business stakeholders, providing pragmatic guidance on UK GDPR, Data Protection Act 2018, PECR, ISO 27701, AI governance principles, and internal compliance frameworks.
  • Support the implementation and continuous improvement of privacy and AI governance controls across products, services, and business processes.
  • Collaborate with Product, Engineering, and Technology teams to ensure privacy-by-design and responsible AI principles are embedded into solutions.
  • Support compliance projects and governance initiatives as required by the Data Protection Officer and Head of Data Protection & AI Governance.
  • Contribute to risk management activities, governance reporting, and wider compliance objectives.

4-5 years' experience working in a similar Data Protection, Privacy, or AI Governance role within a software house, SaaS provider, or technology organisation.

  • Strong working knowledge of UK GDPR, Data Protection Act 2018, PECR, and privacy governance frameworks.
  • Proven experience conducting DPIAs, LIAs, supplier due diligence reviews, and privacy risk assessments.
  • Working knowledge of AI governance principles, responsible AI frameworks, and AI risk assessment methodologies.
  • Strong analytical and problem-solving skills with a pragmatic approach to risk management.
  • Experience with AI/ML governance frameworks, NIST AI Risk Management Framework, or equivalent AI governance standards.

Legal & Data Protection Officer in City of London employer: Meritus

MERITUS is an exceptional employer that champions a culture of innovation and collaboration, making it an ideal place for professionals in the legal and data protection field. With a focus on employee growth, the company offers extensive training opportunities and supports a remote work environment, allowing for flexibility and work-life balance. Joining MERITUS means being part of a forward-thinking team dedicated to responsible AI governance and privacy compliance, where your expertise will directly contribute to shaping the future of technology products and services.

Meritus

Contact Details:

Meritus Recruitment Team

We think you need these skills to ace Legal & Data Protection Officer in City of London

CIPP/E Qualification
GDPR Compliance
Data Protection Act 2018
PECR Knowledge
ISO 27701
Privacy Impact Assessments (DPIAs)
Legitimate Interest Assessments (LIAs)