Rodeo
ResourcesPartnersSign in

Marks and Spencer

Group Data Protection Compliance Manager

London
Posted 26 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Summary

At Marks & Spencer, trust is at the heart of everything we do. As Group Data Protection Compliance Manager, you will play a key role in maintaining that trust by shaping and maintaining our group‑wide data protection compliance framework. Sitting within our central Data Protection (DPO) Team and Legal function, this role works at the intersection of risk, compliance and innovation.

You will partner closely with colleagues across the business to ensure data protection risks are well managed and clearly understood, enabling M&S to continue its digital transformation and drive responsible use of data and Artificial Intelligence. This is a brilliant opportunity to apply your expertise in a role that has genuine impact across the Group, while working in a collaborative, supportive and purpose‑driven environment.

All the details

What You'll Do

Key accountabilities will include:

  • To maintain and enhance our data protection compliance framework, ensuring different elements work together effectively
  • Lead and support group‑wide data protection risk management, ensuring risks are consistently identified, assessed, tracked and reported in line with our risk appetite
  • Develop, enhance and deliver clear, insightful compliance reporting and metrics for senior business partners, committees and governance forums
  • Maintain and evolve data protection policies, procedures and governance processes to ensure they remain robust, practical and sustainable
  • Support effective monitoring, assurance and audit activity to assess the design and operation of data protection controls across the Group
  • Drive improvements to data processing records, DPIAs and third‑party due diligence, working collaboratively with Risk, Information Security and business teams

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Who You Are

Your skills and experience will include:

  • Strong experience working in a data protection or privacy role, with deep knowledge of UK data protection law and regulation
  • Proven ability to manage and advise on data protection risk in a complex, fast‑moving organisation
  • Confidence providing pragmatic, solutions‑focused advice to a wide range of business partners
  • Experience contributing to governance, reporting, monitoring or assurance activities
  • Data protection qualifications such as IAPP CIPP/E, CIPM or equivalent is desirable, but we also welcome candidates with equivalent practical experience

What’s in it for you?

Working at M&S means being part of something bigger - helping to deliver quality, value and service to millions of customers every day. We’re inclusive, fast-moving and always evolving, with a strong sense of purpose and a focus on doing the right thing.

Here are just a few of the benefits that make working here even more rewarding:

  • 20% colleague discount on all M&S products and many third-party brands for you and someone in your household, available once you’ve completed your probation
  • Competitive holiday allowance with the option to buy more
  • Discretionary bonus schemes linked to your performance and ours
  • Strong pension and life assurance to help plan for the future
  • Tailored induction and training to support your development from day one
  • Exclusive perks and savings through our M&S Choices portal
  • Market-leading family policies, including parental, adoption and neonatal leave
  • 24/7 wellbeing support, including virtual GP access and mental health services
  • One paid volunteer day a year to support a cause that matters to you

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Everyone’s welcome

We are ambitious about the future of retail. We’re disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We’re transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.

We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.

If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.

#hybridrole

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Data Protection
Privacy
Risk Management
Compliance
Data Processing
DPIAs
Third-party Due Diligence
Governance
Reporting
Monitoring
Assurance
UK Data Protection Law
Advisory Skills
Collaboration
Problem Solving
Communication

Location

London, England, United Kingdom

Sign up to applySee more jobs like this