When personal data incidents occur, how we respond matters. As a Data Protection Assistant, you’ll support our organisation’s response to personal data breaches, helping to protect individuals’ rights and ensuring incidents are managed carefully, lawfully and consistently. Working as a Data Protection Assistant, you’ll play a key role in supporting the organisation’s response to such incidents. You’ll play a key role in the identification, assessment, logging and coordination of data breaches in line with our legal and regulatory obligations.

Joining our friendly team, you’ll help track, co‑ordinate and support breach investigations, ensuring appropriate actions are taken and relevant parties are kept informed throughout the process. You’ll report into the Senior Data Protection Manager and work closely with the rest of the General Counsel Team, information security colleagues, and wider internal teams when managing more complex incidents.

The role also offers exposure to a broad range of data protection activity, including supporting the organisation’s compliance with data subject rights and wider data protection obligations.

What You’ll Be Doing

• Supporting the identification, logging and management of personal data breaches and data protection incidents, with limited supervision.
• Assisting with breach assessments, including gathering information, understanding risk to individuals, and supporting decisions around notification requirements.
• Working on more complex breaches and data protection incidents with guidance from the Senior Data Protection Manager.
• Liaising with internal stakeholders to obtain timely and accurate information required to investigate incidents.
• Supporting the preparation of internal breach reports and documentation, ensuring records are accurate, complete and up to date.
• Assisting with notifications to the Information Commissioner’s Office (ICO) and affected individuals where required, under supervision.
• Proactively monitoring incident progress to ensure actions are completed within required timeframes.
• Maintaining an accurate and appropriate record of all breaches and data protection incidents.
• Keeping up to date with evolving UK data protection legislation, ICO guidance, and best practice around breach management.
• Carrying out any other required responsibilities as requested by the Senior Data Protection Manager.

• A strong knowledge and understanding of the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018, particularly in relation to personal data breaches.
• Previous experience managing multiple tasks or activities with diligence and accuracy.
• Evidence of ability to work well under pressure and to meet tight deadlines.
• Demonstrable experience of building effective working relationships across a range of internal departments and seniority levels.
• Ability to work confidently with minimal direction, as well as collaboratively as part of a team.
• Excellent written and verbal communication skills.
• Ability to handle sensitive information confidentially and with discretion.
• Ideally, experience in an in‑house compliance, data protection or legal environment, though this isn’t essential.