Head of Information and Data Governance

This role is accountable for defining information and data governance policies, standards, and control expectations, and for providing independent oversight, challenge, and monitoring of adherence across the organisation. While first‑line business areas retain accountability for executing data controls, the Head of Information and Data Governance will influence senior stakeholders to ensure these responsibilities are effectively discharged. The role will also lead a continuous improvement agenda to enhance the maturity of data governance practices across the business.

This is a senior leadership position requiring expertise in information and data governance and a proven track record of strengthening control environments within complex organisations. Experience working with material outsourcers and an understanding of emerging risks, including those associated with AI, are highly desirable. A strong background in financial services and familiarity with platform‑based business models, alongside knowledge of key regulatory bodies such as the ICO, FCA and PRA, is essential.

A key aspect of the role is the ability to translate complex information and data governance concepts into clear, business‑relevant insights, enabling effective decision‑making at Executive Committee and Board level. Strong stakeholder engagement skills are critical to build confidence across the organisation, from the C‑suite to delivery partners, and ensure governance remains aligned to the needs of a growing business.

The role holder will oversee the effective operation of the data governance function within a regulated environment, including managing team performance, capacity, budgets, and associated risks and controls. This role focuses on governance and oversight, rather than operational data management and does not act as the Data Protection Officer. However, it works closely with operational teams, Information Security and related functions to strengthen the overall control environment.

Responsibilities include business partnering, review and approval of impact assessments, and supporting change and transition initiatives.

Nucleus is one of the UK’s leading independent financial planning and retirement‑focused platforms operating from offices in London, Bristol, Ipswich, Salisbury, Edinburgh and Glasgow. The business administers over £100bn of customer assets across Self‑Invested Personal Pensions, Individual Savings Accounts, general investment accounts and other products for over 5,000 financial advisers and more than 250,000 underlying clients. Nucleus has ~1,200 employees and uses FNZ and Bravura as material outsourcers; consequently, the business has a range of both in‑house and outsourced services and operations that this role will have oversight responsibility for.

The Architecture, Governance and Oversight function sits within Group Technology and plays a crucial role in helping navigate a major transformation programme and a series of transitional states to achieve this, while supporting the near‑term business strategy within the constraints of existing solutions and capabilities.

• Architect scalable and innovative solutions that support both the growth and efficiency of our business.
• Set standards and policy to protect our business and ensure regulatory compliance.
• Ensure Information & Cyber Security controls, both internally and across our suppliers, are sufficient and effective.
• Define Data Governance standards and maintain oversight across the business and our material suppliers.
• Define expected standards for, and test, our Operational Resilience.
• Inform material decisions and ensure good governance and oversight both internally and across our suppliers.
• Provide appropriate insight and reporting to the Leadership team and stakeholders including Board.
• Support the CTO in defining and tracking progress against our strategy.
• Continuously review our risk profile and effectiveness of mitigating controls.
• Work with our Finance business partner to ensure good control over expenditure, budget setting and driving efficiencies in our cost base.

Responsibilities:

• Define and Lead Information and Data Governance Strategy.
• Own and evolve the Group Information and Data Governance strategy, aligned to business priorities and transformation objectives.
• Define the target operating model for information and data governance, including roles, accountabilities and federated ownership across the Group.
• Establish policies, standards and principles covering data quality, ownership, lineage, metadata, retention and ethical use.
• Ensure governance aligns with regulatory expectations while remaining commercially pragmatic and scalable.
• Act as a thought leader on emerging data trends (AI, data products, cloud ecosystems) and their governance implications.
• Work collaboratively with other members of our Technology leadership team to inform and deliver on our broader Data Strategy.

Drive Adoption Through Influence and Engagement:

• Build strong relationships with ExCo, SLT and senior business leaders to embed information and data governance as a business priority.
• Influence business areas to take ownership of data controls and outcomes, rather than centralising delivery.
• Develop and lead a data governance community / network (e.g. data owners and stewards).
• Champion a data‑led culture, promoting accountability, literacy and value realisation.
• Act as a trusted advisor on data governance implications of transformation, M&A and strategic initiatives.

Senior Leadership and Executive Engagement:

• Lead the creation of clear, concise and insight‑driven reporting for Executive Committee and Board.
• Translate technical and regulatory topics into business risk, customer impact and commercial outcomes.
• Provide forward‑looking insight on risks, maturity and investment priorities.
• Ensure consistent and compelling communication of information and data governance progress, gaps and value delivered.

Governance Framework and Oversight:

• Define, own and maintain the Group Data Governance Control Framework, including mandatory controls, control objectives and assurance requirements aligned to UK GDPR, FCA and PRA expectations.
• Define information and data governance policies and standards that support lawful, fair, transparent and accountable processing across all Group entities.
• Develop and track KPIs / KRIs for data quality, control effectiveness and adoption.
• Oversee data governance maturity assessments and prioritise improvement initiatives.
• Provide independent challenge to business areas on data‑related risks and control weaknesses.
• Ensure data governance is effective across key suppliers and outsourced providers.

Enable Business Change and Transformation:

• Embed data governance into change lifecycle (design, delivery and transition).
• Ensure new initiatives align with data standards, ownership models and control expectations.
• Provide guidance on data governance standards and expectations for our Platform Transformation programme.
• Support the organisation in balancing speed of change with governance discipline.

Build Capability & Ways of Working:

• Lead and develop a high‑performing data governance team.
• Develop team capability and succession through coaching and mentoring.
• Define required capability uplift across the business (data owners, stewards, SMEs).
• Introduce practical tooling, frameworks and playbooks to enable adoption.
• Promote continuous improvement and measurable uplift in data maturity.

Key Competencies (Knowledge, Skills and Behaviours):

Knowledge and Experience:

• Strong experience defining and implementing information and data governance strategies.
• Proven track record of operating within a regulated environment, preferably financial services.
• Understanding of data operating models, data ownership frameworks and governance tooling.
• Experience supporting enterprise‑wide transformation and large‑scale change programmes.
• Sound understanding of technology and data processing within platform‑based financial services.
• Knowledge of third‑party data protection contractual requirements.

Skills and Behaviours:

• Strong leadership and people management capability.
• Exceptional stakeholder management and influencing at leadership level.
• Ability to simplify complex concepts into clear, compelling messages.
• Strategic thinker with strong commercial and pragmatic judgement.
• Confident in challenging senior stakeholders constructively.
• High levels of credibility, resilience and personal impact.
• Collaborative team player who role‑models organisational values.
• Strong commitment to continuous learning and improvement.
• Competent user of MS Excel, Word, PowerPoint and Teams.

Desirable:

• Knowledge of platform propositions, including WRAP Platforms and SIPPs.
• Professional certifications such as CIPP/E, CIPM or equivalent.
• Degree or relevant professional qualification.