
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Together – Head of Data Protection
Company Description
We’re Together. For over 50 years, we’ve helped thousands of people, businesses and professionals unlock their property ambitions with our common-sense approach to mortgages and secured loans.
We take the time to understand our customers, and our door is always open, so we can often help when other lenders can’t or won’t. Based in Cheadle, Cheshire, our 750 colleagues help our customers throughout the UK, backed by the power of a £7 billion loan book.
Benefits of Working at Together
- 26 days holiday (increasing to 30 days with service), plus a day off for your birthday and bank holidays
- Free access to company holiday homes
- Buy & sell holidays
- Discretionary annual bonus + additional Shared Reward Bonus
- Matched pension contribution
- Health cash plan plus Private medical insurance
- Life assurance and Critical illness cover
- Travel season ticket loans and Ride to Work scheme
- Free local gym access
- Discounts on local bars and restaurants
Job Description: Head of Data Protection
As the Head of Data Protection, you will be responsible for overseeing Together Money’s Data Protection Framework, ensuring compliance with:
- UK General Data Protection Regulations (UK GDPR)
- The Data Protection Act 2018 (DPA)
- The Privacy and Electronic Communication Regulations
- Consumer Duty and other relevant regulatory expectations
You will provide strategic leadership on privacy, data protection, data governance, and information risk, acting as the primary subject matter expert and advisor to senior management and the board.
Key Responsibilities
- Lead the development and implementation of Together Money’s data protection strategy
- Serve as the organisation’s Data Protection Officer under UK GDPR
- Monitor compliance with data protection laws, internal policies, and regulatory obligations
- Provide advice on, and monitor the completion and outcomes of, Data Protection Impact Assessments (DPIAs) for high-risk processing and change initiatives
- Cooperate with, and act as the main point of contact for, the Information Commissioner’s Office (ICO), including supporting any prior consultation activities
- Act as a contact point for data subjects on the exercise of their rights and privacy queries, ensuring timely and compliant responses
- Drive continuous improvement of:
- Data protection and privacy controls
- Data protection training and awareness programmes
- Provide expert advice on new products, systems, and change initiatives
- Inform and advise the organisation (including employees) on obligations under:
- UK GDPR
- DPA 2018
- Related data protection laws
- Monitor compliance with data protection laws and internal policies, including:
- Assigning responsibilities
- Overseeing audits
- Driving awareness and training
- Provide assurance and oversight of data retention, archiving, and disposal practices
- Ensure privacy by design and default is embedded across all change initiatives
- Lead investigations into complex or high-risk data protection incidents
- Develop data protection KPIs, metrics, and Board-level reporting dashboards
- Support enterprise-wide risk management and governance activities
- Contribute to Consumer Duty compliance, embedding considerations for vulnerable customers
- Provide regular reports to CORC, Executive Risk Committee, and Board as required
- Oversee third-party data protection assurance and contractual controls
- Champion a strong culture of privacy and responsible data use across the business
- Lead internal awareness campaigns to enhance data protection culture
- Support internal and external audits relating to privacy and information governance
- Collaborate with Cyber Security to align privacy and security risk management
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Qualifications & Experience


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Essential
- Substantial experience as a Data Protection Officer
- Strong communication, negotiation, influencing, and interpersonal skills
- Expertise in:
- UK and EU data protection laws
- In-depth understanding of UK GDPR
- Technical knowledge of current data management and communication technologies
- Experience in continuous improvement driving high performance
Desirable
- Certified Information Privacy Professional/Europe (CIPP/E)
- Certified Information Privacy Technologist (CIPT)
- Certified Information Security Manager (CISM)
- Advanced report-writing experience
Note: If you have some but not all of these skills, we’d still welcome your application to discuss your suitability.
Additional Information
Together is committed to diversity and inclusion and proud to be an equal opportunity employer. We welcome and celebrate difference, supporting a variety of backgrounds, perspectives, and skills.
If you feel you’d benefit from any support or reasonable adjustments during recruitment, please inform us when applying. All successful applicants will undergo relevant:
- Employment reference checks
- Financial and criminal record checks
Working Details
- Location: Office-Based (Cheadle, SK8 3GW)
- Hours: Standard (09:00–17:30)
- Department: Compliance
- Contract: Permanent
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location