Data Compliance Manager – Nottingham City
Contract type: Permanent
Hours: Full-time, 35 hours
Location: Head Office, Nottingham (Hybrid working, minimum 2 days per week)
As our Data Compliance Manager, you’ll play a key role in shaping and safeguarding the way we manage data across the organisation. You’ll lead the development and delivery of our data protection and information governance strategies, ensuring we not only meet regulatory requirements but also champion best practice in handling sensitive business, customer, and colleague information.
Working closely with teams across the organisation, as well as senior leaders and external partners, you’ll build strong frameworks, strengthen governance processes, and help create a culture where awareness and accountability for data protection thrive. This is an exciting opportunity to make a meaningful impact, influence organisational standards, and support a diverse community of colleagues in managing data responsibly and confidently.
Here’s a taste of what you will be doing as a Data Compliance Manager at Nottingham Building Society:
Policy & Governance Development: Create, implement and maintain data protection and information governance policies, controls, and standards aligned to laws, regulations, and best practice.
Risk & Incident Management: Lead data breach risk assessments, mitigation planning and continuous monitoring, and collaborate on breach, complaint and risk event handling within regulatory deadlines.
Regulatory Compliance Oversight: Conduct data protection and information governance audits, gap analyses, and assessments to identify risks and improvement opportunities.
Third‑Party Risk Management: Oversee vendor risk processes to ensure external partners meet data protection and governance requirements.
Training & Awareness: Deliver regular training and awareness initiatives to strengthen organisational understanding of data protection and governance.
Data Lifecycle & Classification Management: Develop and maintain data classification, privacy, and retention policies in partnership with second‑line Data Protection teams.
Support DLP, encryption, IAM implementation, and collaborate on PIAs and DPIAs to ensure privacy-by-design.
Data Protection Expertise: Strong experience in data protection and information governance, including DPIAs and framework/policy development.
Regulatory Knowledge: Solid understanding of UK and global data protection requirements and industry best practices.
Background in information security, GRC, risk management and working with frameworks such as ISO 27001, NIST, CIS and COBIT.
Strong leadership skills with experience working cross‑functionally and building relationships at all levels.
Fair salary benchmarked against market data, annual discretionary bonus, and 29 days holiday plus
Contact Detail:
Nottingham Building Society Recruiting Team