Security Control Centre Data Protection Manager

For jobs located in Wales, the ability to speak Welsh is desirable.

The Department for Work and Pensions (DWP) is one of the government’s largest public service departments with a sizeable annual budget, serving over 20 million citizens.

The estate spans 1.4 million square metres across 800+ sites and supports around 78,000 colleagues.

Our vision includes DWP colleagues, supply chain, partners and, most fundamentally, the customers the Department exists to serve. They are the reason for our existence.

We are responsible for the day-to-day operation of our vast Estate by managing a private sector supply chain that delivers essential services such as Security Guarding, Maintenance, Property and Leasehold Management, Construction, Cleaning and Facilities Management.

DWP Estates is not just about maintaining buildings - it’s about transformation. Our strategic goals include:

• Transitioning to a smaller, more affordable, and adaptable estate to meet future needs
• Investing in infrastructure through planned replacement works
• Embedding sustainability in line with Government Greening Commitments (GGCs)
• Delivering cost-effective services while maintaining high standards
• Creating a professional, best-in-class working culture across the Government Property profession

Our Estates strategy ambitions have been refreshed to take us through to 2030:

• OPTIMISE: Continue to transition to a more affordable and adaptable DWP estate that creates productive environments

• INVEST: Investment in an improved environment that better meets the needs of customers and colleagues and minimises service disruption

• SUPPORT the drive for sustainability throughout DWP

• DELIVER: Expertly deliver improving, cost-effective services for DWP

• THRIVE: Continue to develop a working culture for DWP Estates that is best in class across government

There is no better time to join the award winning DWP Estates team.

The Security Control Centre (SCC) Data Protection Manager will set up Data Protection processes and manage all related Data Protection enquiries for the Security Control Centre. They will ensure that all personal data handled by the SCC and DWP will be done so in compliance of Data Protection legislation and follows DWP’s Data Protection principles.

The role will be appointed to the Security Control Centre only but there is an expectation the successful applicant will have a strong working relationship with the main DWP Data Protection team and other Government Departments where necessary., * Lead the interpretation, implementation, and ongoing management of the Data Protection Act 2018, UK GDPR, and relevant ICO guidelines, ensuring the department’s processes are fully complaint.

• Act as point of contact for senior stakeholders internal and external for all data protection questions, providing explanation and assurance around data protection implications and guiding policy decisions.
• Advise senior leadership on UK GDPR/DPA 2018 compliance, emerging regulatory trends, and risk appetite implications.
• Monitor and review new legislation, including Data (Use & Access) Act 2025 (DUAA), to ensure business processes and practices remain fully compliant with regulatory requirements
• Define privacy requirements for projects, systems, and estates platforms.
• Develop, review, and refine departmental policies and procedures to ensure they reflect best practice, legal requirements, and efficient workflows.
• Review and assess existing processes to confirm their legal basis, implementing appropriate mitigations such as Legitimate Impact Assessments (LIA) where required.
• Provide real-time advice and guidance to staff, internal stakeholders, and suppliers regarding data rights and responsibilities
• Lead Data Protection Impact Assessments (DPIAs) for new systems, projects, and processes; maintain high standards and report outcomes. Identifying Data Protection Risks and providing appropriate mitigations to ensure they are within risk appetite.
• Map and analyse departmental data flows to identify points of risk, ensure proper controls are in place, and maintain governance documentation.
• Draft, evaluate, and negotiate Data Sharing Agreements and supplier contracts with robust data protection clauses
• Ensure onboarding of third-party data processors aligns with legal requirements and manage ongoing compliance oversight. Reviewing contracts to ensure appropriate Data Protection Clauses are in place.
• Engage and build strong working relationships with internal and external stakeholders to better understand and meet their needs.
• Provide leadership by coaching and mentoring junior staff, helping them develop and maintain best practice in data protection.
• Influence a culture of data privacy and security through workshops, training, and strategic communications
• Support integrated governance between Data Protection, Information Security, and FOI functions, ensuring consistency with DWP and Civil Service policies.
• Monitor compliance metrics, maintain oversight of compliance activities, and escalate concerns or improvements to the Security & Data Protection Senior Leadership Team
• Experience of high-level collaboration with key stakeholders in problem solving, managing and escalating issues.
• Excellent written and oral communication.
• Experienced report and business case writer., * To outline and maintain requirements under the Data Protection Act 2018, GDPR and ICO best practise guidelines.
• Identify and mitigate data protection risks proactively, applying SME knowledge to prevent them reoccurring.
• Ensure compliance with policies and procedures, streamlining local processes where possible ensuring they align to best practice.
• Review, record and respond to requests for information and Subject Access Requests (SAR's) as well as providing advice and guidance on Data Protection to staff and suppliers.
• Develop and undertake Data Protection Impact Assessments where required.
• Develop and implement Data Sharing Agreements with clients where required.
• Ensure the onboarding of 3rd party supplier data processors is undertaken in line with relevant legislation.
• To review contracts ensuring appropriate Data Protection clauses are in place & undertake Data flow mapping where required.
• Act as a point of contact for Data Protection related queries.
• Experience in privacy governance, risk management, and compliance frameworks., All candidates who are successful at the sift stage will undertake a single virtual video interview.

There, you will be assessed against the experiences listed in the essential criteria.

You will also be asked additional questions to validate your knowledge which will be measured against the essential criteria as specified in the vacancy. Your will also be asked some Strength questions.

Currently the sift is scheduled to take place w/c 2nd February 2026 and interview dates either w/c 16th February 2026 . Interviews are scheduled to take place virtually and dates are subject to change., Civil Servants applying on promotion will usually be appointed to the salary minimum or within 10% of existing salary.

Any move to DWP from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may, however, be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at the Childcare Choices Website. Feedback will only be provided if you attend an interview or assessment., * UK nationals

• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Do you have a valid Certificate in Payroll Practice, Chartered Institute of Payroll Professionals certification?, Do you have experience in Regulatory reporting?, * In-depth knowledge of UK GDPR, Data Protection Act 2018, PECR, and global privacy frameworks.

• Ability to monitor legislative changes and advise stakeholders promptly.
• Proven experience in audits, DPIAs, and compliance oversight and familiarity with IT systems, cybersecurity principles, and privacy management tools.
• Ability to influence senior stakeholders and simplify complex regulations.
• Skilled in breach handling and regulatory reporting.
• Demonstrable experience in a senior data protection or compliance role, ideally within regulated sectors., * IAPP: CIPP/E, CIPM, or CIPT
• BCS Practitioner Certificate in Data Protection
• PECB Certified Data Protection Officer
• ISACA CDPSE or equivalent

Professional Memberships:

• International Association of Privacy Professionals (IAPP)
• Data Protection Officers Association (DPOA) or NADPO, Successful candidates must undergo a criminal record check. People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Alongside your salary of £44,447, Department for Work and Pensions contributes £12,876 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

DWP have a broad benefits package built around your work-life balance which includes:

• Working patterns to support work/life balance such as job sharing, term-time working, flexi-time and compressed hours.
• Generous annual leave – at least 23 days on entry, increasing up to 30 days over time (pro–rata for part time employees), plus 9 days public and privilege leave.
• Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme and an employee discount scheme.
• Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling and the opportunity to join HASSRA a first-class programme of competitions, activities and benefits for its members (subscription payable monthly).
• Family friendly policies including enhanced maternity and shared parental leave pay after 1 year’s continuous service.
• Funded learning and development to support progress in your role and career. This includes industry recognised qualifications and accreditations, coaching, mentoring and talent development programmes.
• An inclusive and diverse environment with opportunities to join professional and interpersonal networks including Women’s Network, National Race Network, National Disability Network (THRIVE) and many more., If you are placed on a reserve list but we cannot immediately offer you a post, please note:
• If you are later offered the role you applied for, in a location you have expressed a preference for, and you decline the offer or are unable to take up the post within a reasonable timeframe you will be withdrawn from the campaign and removed from the reserve list, other than in exceptional circumstances (e.g. a contractual Part Time Working Pattern cannot be accommodated in the initial role offered or in cases of serious ill health).
• If DWP makes an offer of an alternative role or location to that which you originally applied for, and you decline that offer, you will be able to remain on the reserve list.

Disability Confident Scheme

If high application volumes are received, the benchmark for candidates to proceed to the next stage may be raised. In line with our commitment to the Disability Confident Scheme (DCS), we aim to advance all candidates applying under the DCS who meet the minimum standard. However, we may only progress those candidates who best meet the required standards.

Reasonable Adjustments

We consider visible and non-visible disabilities, neurodiversity or learning differences, chronic medical conditions, or mental ill health. Examples include dyslexia, epilepsy, autism, chronic fatigue, or schizophrenia.

If you need a change to be made so that you can make your application, you should contact the Government Recruitment Service via DWPRecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.

Complete the “Reasonable Adjustments” section in the “Additional requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.

If you are experiencing accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

Integrity, plagiarism, Civil Service Principles and the use of Artificial Intelligence (AI)

The Civil Service values honesty and integrity and expects all candidates to abide by these principles.

Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words.

Examples of plagiarism can include:

• Presenting the work, ideas and experience of others as your own
• Copying content or answers from an online or published source that is not your own