Rodeo
ResourcesPartnersSign in

Together

Head of Data Protection

Cheadle
Posted 8 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Together – Head of Data Protection

Company Description

We’re Together. For over 50 years, we’ve helped thousands of people, businesses and professionals unlock their property ambitions with our common-sense approach to mortgages and secured loans.

We take the time to understand our customers, and our door is always open, so we can often help when other lenders can’t or won’t. Based in Cheadle, Cheshire, our 750 colleagues help our customers throughout the UK, backed by the power of a £7 billion loan book.

Benefits of Working at Together

  • 26 days holiday (increasing to 30 days with service), plus a day off for your birthday and bank holidays
  • Free access to company holiday homes
    • Buy & sell holidays
  • Discretionary annual bonus + additional Shared Reward Bonus
  • Matched pension contribution
  • Health cash plan plus Private medical insurance
  • Life assurance and Critical illness cover
  • Travel season ticket loans and Ride to Work scheme
  • Free local gym access
  • Discounts on local bars and restaurants

Job Description: Head of Data Protection

As the Head of Data Protection, you will be responsible for overseeing Together Money’s Data Protection Framework, ensuring compliance with:

  • UK General Data Protection Regulations (UK GDPR)
  • The Data Protection Act 2018 (DPA)
  • The Privacy and Electronic Communication Regulations
  • Consumer Duty and other relevant regulatory expectations

You will provide strategic leadership on privacy, data protection, data governance, and information risk, acting as the primary subject matter expert and advisor to senior management and the board.

Key Responsibilities

  • Lead the development and implementation of Together Money’s data protection strategy
  • Serve as the organisation’s Data Protection Officer under UK GDPR
  • Monitor compliance with data protection laws, internal policies, and regulatory obligations
  • Provide advice on, and monitor the completion and outcomes of, Data Protection Impact Assessments (DPIAs) for high-risk processing and change initiatives
  • Cooperate with, and act as the main point of contact for, the Information Commissioner’s Office (ICO), including supporting any prior consultation activities
  • Act as a contact point for data subjects on the exercise of their rights and privacy queries, ensuring timely and compliant responses
  • Drive continuous improvement of:
    • Data protection and privacy controls
    • Data protection training and awareness programmes
  • Provide expert advice on new products, systems, and change initiatives
  • Inform and advise the organisation (including employees) on obligations under:
    • UK GDPR
    • DPA 2018
    • Related data protection laws
  • Monitor compliance with data protection laws and internal policies, including:
    • Assigning responsibilities
    • Overseeing audits
    • Driving awareness and training
  • Provide assurance and oversight of data retention, archiving, and disposal practices
  • Ensure privacy by design and default is embedded across all change initiatives
  • Lead investigations into complex or high-risk data protection incidents
  • Develop data protection KPIs, metrics, and Board-level reporting dashboards
  • Support enterprise-wide risk management and governance activities
  • Contribute to Consumer Duty compliance, embedding considerations for vulnerable customers
  • Provide regular reports to CORC, Executive Risk Committee, and Board as required
  • Oversee third-party data protection assurance and contractual controls
  • Champion a strong culture of privacy and responsible data use across the business
  • Lead internal awareness campaigns to enhance data protection culture
  • Support internal and external audits relating to privacy and information governance
  • Collaborate with Cyber Security to align privacy and security risk management

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Qualifications & Experience

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Essential

  • Substantial experience as a Data Protection Officer
  • Strong communication, negotiation, influencing, and interpersonal skills
  • Expertise in:
    • UK and EU data protection laws
    • In-depth understanding of UK GDPR
  • Technical knowledge of current data management and communication technologies
  • Experience in continuous improvement driving high performance

Desirable

  • Certified Information Privacy Professional/Europe (CIPP/E)
  • Certified Information Privacy Technologist (CIPT)
  • Certified Information Security Manager (CISM)
  • Advanced report-writing experience

Note: If you have some but not all of these skills, we’d still welcome your application to discuss your suitability.


Additional Information

Together is committed to diversity and inclusion and proud to be an equal opportunity employer. We welcome and celebrate difference, supporting a variety of backgrounds, perspectives, and skills.

If you feel you’d benefit from any support or reasonable adjustments during recruitment, please inform us when applying. All successful applicants will undergo relevant:

  • Employment reference checks
  • Financial and criminal record checks

Working Details

  • Location: Office-Based (Cheadle, SK8 3GW)
  • Hours: Standard (09:00–17:30)
  • Department: Compliance
  • Contract: Permanent
Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Data Protection Strategy
UK GDPR Compliance
Data Protection Impact Assessments
Information Risk Management
Data Governance
Privacy By Design
Regulatory Reporting
Stakeholder Management
Third-Party Assurance
Incident Investigation
Audit Management
Communication Skills
Negotiation
Influencing
Interpersonal Skills
Technical Data Management

Location

Cheadle, England, United Kingdom

Sign up to applySee more jobs like this