Data Protection Officer

Posted 5 hours 29 minutes ago by Ordnance Survey

£46,718 - £54,504 Annual
Contract
Not Specified
Other
Hampshire, Southampton, United Kingdom, SO140
Job Description

Data Protection Officer - Fixed Term Contract 13 months

Southampton Hybrid

Salary £46,718 to £54,504 (dependent on experience)

Ordnance Survey (OS) is the national mapping agency for Great Britain, and a world-leading geospatial data and technology organisation. As a reliable partner to government, business and citizens across Britain and the world, OS helps its customers in virtually all sectors improve quality of life. As we continue to innovate and evolve in a data-driven world, the importance of strong data governance and protection has never been greater. We are now looking for a Data Protection Officer (DPO) to join us on a fixed-term basis and play a pivotal role in ensuring OS continues to meet the highest standards of data protection compliance.

About the Role

The Data Protection Officer provides a critical, legislated function at OS informing, advising, and guiding the organisation on its data protection obligations. Reporting to senior leadership, you'll influence decision-making, promote best practice, and ensure compliance is embedded across OS.

This is a fantastic opportunity for a skilled data protection professional who can combine deep subject-matter expertise with strong stakeholder engagement, strategic thinking, and an ability to drive meaningful cultural change.

What You'll Be Doing

Informing & Advising

  • Provide expert guidance across OS and its group companies on data protection law (including UK GDPR, Data Protection Act 2018, Privacy and Electronic Communications Regulations 2003 (PECR), Data (Use and Access) Act 2025, Freedom of Information Act 2000), OS policies and regulatory obligations

  • Influence senior stakeholders, identifying risks and advising on actions to reduce them to acceptable levels

  • Act as the organisation's Data Protection Subject Matter Expert, prioritising high-risk areas including Corporate, Consumer, and new initiatives

  • Oversee Data Protection Impact Assessments (DPIAs), ensuring compliance is considered early and throughout project lifecycles

  • Position Data Authority as a key governance mechanism to ensure consistent and systematic data protection compliance within business initiatives

  • Own and maintain data protection policies; collaborate with risk owners to strengthen Subject Access Request (SAR) processes, privacy notices, and data-sharing agreements

  • Drive a culture of data protection awareness through training, guidance and engagement across the business

  • Provide support to the FOI team

Monitoring & Assurance

  • Provide both strategic and operational oversight of data protection compliance

  • Develop and implement monitoring tools and mechanisms to ensure compliance, identifying Key Performance Indicators, risks, and recommendations for senior leadership

  • Lead audits and assurance activities prioritising high-risk areas, gathering evidence and securing stakeholder engagement

  • Oversee the maintenance of records required to demonstrate compliance

External Engagement & Breach Management

  • Act as the primary point of contact for the Information Commissioner's Office and for data subjects regarding information requests, queries and complaints

  • Lead investigations into data breaches and incidents, ensuring prompt escalation, regulatory notifications, and lessons-learned activity to prevent recurrence. Oversee accuracy and maintenance of compliance records and logs

  • Collaborate with partner organisations and government bodies to share best practice

What We're Looking For

  • An experienced senior Data Protection professional with significant experience and practical application of data protection within a digital, data driven, complex organisation. Relevant professional qualification / certification in data protection is desirable

  • Strong, in-depth, up-to-date knowledge of UK GDPR, DPA 2018, PECR/e-privacy regimes (including cookies and analytics) and relevant regulatory frameworks

  • Exceptional stakeholder management and influencing skills at all levels, including senior leadership

  • Demonstrable experience leading DPIAs, Records of Processing Activities, audits, and data governance frameworks

  • Demonstrates extensive experience in dealing with SARs and information access requests

  • Demonstrates extensive experience in handling data breaches and dealing with reporting processes

  • Strong IT and MS 365, Teams, Excel and Word skills and demonstrable experience in the use of E-discovery

  • FOI knowledge and experience is desirable

  • Experience in providing confidential support to individuals or teams in an office environment

  • Ability to translate complex legislation into practical, actionable advice.

  • Confident communicator with experience delivering training and awareness activities

  • A proactive, analytical mindset with strong organisational and assurance capabilities

This role requires Security Check (SC) clearance, which must be successfully obtained and in place before the successful candidate can take up the post. Appointment to this role is therefore conditional upon meeting the required security clearance standards.

Closing date:3 May :59pm

A covering letter of no more than one page is required and should be submitted with your CV.