What’s the role about?
We’re looking for an experienced, proactive and delivery-focused Compliance and Data Protection Manager to lead the implementation of a robust governance and compliance framework across the organisation. This is a hands-on role, ideal for someone who’s ready to roll up their sleeves and deliver meaningful, tangible outputs.
The role will focus initially on foundational data protection work (with a primary focus on employee data), owning key governance and operational procedures and processes aligned to the ICO Accountability Framework, with immediate impact across the business. You’ll also support broader compliance areas such as PCI-DSS, carbon reporting, and audit readiness.
The role is based across our London head offices.
The intention is for this role to serve as the company’s Data Protection Officer, reporting to the Chief Financial Officer.
Who you are
- An experienced data protection and compliance specialist with hands-on experience implementing and actioning governance frameworks and processes, as well as managing them.
- Strong ability to operate independently and deliver at pace in a dynamic environment with tight timelines.
- Highly experienced in interpreting UK regulatory requirements (e.g. GDPR, UK DPA, ICO) and translating them into real-world, operational processes through a measured, risk-based approach.
- Ideally familiar with data protection regulations in the EU and US, in addition to the UK.
- Skilled in documenting and implementing policies, responding to incidents, managing subject access requests, managing the DPIA process and maintaining the company’s ROPA.
- Confident in working with senior stakeholders and cross-functional teams to define and implement policies and procedures.
- Skilled in writing engaging employee training documentation.
- A natural problem-solver with excellent communication and stakeholder engagement skills.
- Experienced in audits, data mapping, DPIAs, DSARs, ROPA and tools (such as OneTrust, Purview) that support compliance functions.
What you’ll be doing
- Deliver and embed the core data protection governance framework, working closely with the leadership team to align with the ICO Accountability Framework.
- Embed data protection considerations into day-to-day operations across both Head Office and Retail.
- Collaborate with the Data Protection Steering Committee (including running monthly meetings), and partner with the parent company’s DPO and Internal Audit teams to ensure consistent standards as joint data controllers for customer data.
- Lead the delivery of key compliance activities, including Data Protection Impact Assessments (DPIAs), data subject access requests (DSARs) etc.
- Maintain KPIs, reporting and governance records such as ROPA, asset registers, and audit trails to monitor and evidence compliance.
- Draft, implement, review and update essential data protection policies, operational procedures, and incident response plans, including clear protocols for escalation, investigation, and reporting.
- Document and map existing data handling activities, and document and maintain the company ROPA. Identify gaps and opportunities for improvement.
- Manage the end-to-end handling of compliance requests and audit queries for internal and external parties. Coordinate responses to internal and external audits. Work cross-functionally with Legal, People, Finance, IT, Retail, Sourcing, and Operations teams to gather evidence and deliver responses accurately and on time.
- Own and manage communication with the ICO.
What we offer
- Competitive salary.
- Up to 65% employee discount.
- Access to exclusive sample sales.
- Aviva DigiCare+ wellbeing services.
- Medicash health support plan.
- Workplace pension contributions.
- Enhanced parental leave policies.
- Cycle to Work scheme & EV car scheme.
- Plus further workplace benefits.
If you want to start your story at Reiss as our Compliance & Data Protection Manager, don’t miss out - apply now!
#WeAreReiss
We recognise the importance and power of diversity within our business and, as such, we ensure that our people processes are fair, transparent and promote equality of opportunity for all candidates.
It is our pledge that candidates will not be discriminated against on the grounds of gender, gender identity or expression, pregnancy, marital status, age, race, colour, ethnic background, nationality, disability, sexual orientation, religion, religious or similar belief. Every individual will be treated with respect.
We know that some people won’t apply for a role unless they feel they meet all of the requirements listed. We want you to know that finding people who will add to our inspirational culture and have a learning mindset is incredibly important to us. Even if you feel you don’t tick all the boxes, we’d still like to hear from you.