Data Protection Manager - 2nd line oversight
Swindon, United Kingdom
As a Data Protection Manager, you’ll play a key role in protecting our members, colleagues, and communities by ensuring Nationwide manages personal data lawfully, fairly, and transparently. You’ll provide expert data protection advice across change initiatives and day‑to‑day activity, review high‑risk privacy impact assessments, and help embed strong privacy standards across the organisation. Working closely with colleagues across Nationwide, you’ll help maintain trust with our members and regulators while supporting Nationwide’s purpose as a member‑owned mutual.
This role sits within Nationwide’s Data Protection Office, part of our wider risk and compliance environment. The team supports Nationwide to meet its obligations under the UK GDPR and related data protection laws through advice, assurance, training, and oversight of privacy risks.
You’ll act as a subject matter expert, supporting business teams to design and operate compliant data processing activities and ensure privacy risks are identified and managed early. Your work will have a direct impact on protecting members’ information and maintaining Nationwide’s reputation for doing the right thing.
At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.
For this job you'll be located at our nearest regional hub. There will be a need to regularly connect with colleagues for collaboration events in one of our office sites. This is anticipated to be quarterly, in London or Swindon. If your application is successful, your hiring manager will provide further details on how this works.
The extras you’ll get
- Access to private medical insurance
- A highly competitive pension to help you build a strong foundation for retirement
- Access to an annual performance‑related bonus
- Training and development to help you progress your career
- A great selection of additional benefits through our salary sacrifice scheme
- Life assurance to provide peace of mind for you and your loved ones in the event of your death
- Wellhub – access to a range of free and paid options for health and wellness
- Up to 2 days of paid volunteering a year
What you’ll be doing
On a typical day, you’ll be advising colleagues across Nationwide on how to handle personal data responsibly, whether that’s supporting new change initiatives or responding to complex business‑as‑usual queries. You’ll review and challenge high‑risk privacy impact assessments, helping teams identify privacy risks early and providing constructive challenge and advice on proportionate risk mitigations. You’ll also carry out privacy‑focused assurance, contribute to reporting for senior stakeholders, and support the wider data protection incident and breach management processes.
About you
- Strong, practical experience applying the UK GDPR and related UK data protection and privacy laws in a complex organisation
- Proven experience providing data protection advice and oversight for complex processing activities, including digital and technology‑enabled services
- Experience overseeing the review of high‑risk privacy impact assessments, providing independent challenge and forming clear, reasoned, risk‑based recommendations to support informed decision‑making
- The ability to undertake privacy assurance activities, and to produce clear, well‑evidenced privacy risk opinions, reports, and opinion papers for senior stakeholders
- Excellent written and verbal communication skills, with the confidence to engage and challenge stakeholders at different levels