twentyAI are seeking a pragmatic and independent Data Protection Officer (DPO) to join a well-established financial services organization. Reporting to the Head of Operational Risk, you will provide oversight of the bank’s data protection, privacy, and records management framework. With a well-developed DP structure already in place, this role focuses on managing workload, refining the framework, and streamlining processes to ensure a more effective and practical approach.

Key Responsibilities

• Maintain and enhance the bank’s data protection and privacy policies, ensuring compliance with UK GDPR and other regulations.
• Review and simplify the existing DP framework, identifying opportunities to dial back over-engineered processes.
• Act as the primary point of contact for the ICO and oversee Data Subject Access Requests (DSARs).
• Provide guidance on data protection impact assessments (DPIAs) and support first-line teams across InfoSec, supply management, and operational risk.
• Promote a data protection culture, delivering training and awareness initiatives.
• Assist in addressing unstructured data challenges, working closely with key stakeholders.

Desired Background 

• Experience in data protection, privacy, and compliance within financial services.
• Ability to work independently while integrating into a broader risk function.
• Strong stakeholder management skills and a pragmatic approach to data protection.
• Additional experience in IT, InfoSec, or risk management is a plus. .

Apply now to be part of an evolving data protection landscape in financial services!