This vacancy is only available to existing Civil Servant employees and employees of accredited non-departmental public bodies (NDPBs). Please review the "Eligibility" section before you apply.
General Information
Salary
The national salary range is £58,511 - £65,329, London salary range is £63,343 - £70,725 Your salary will be dependent on your base location
Working Pattern
Full Time, Flexible Working
Vacancy Approach
Cross Government
Location
National
Region
National
Closing Date
14-Jan-2026
Post Type
Permanent
Civil Service Grade
Grade 7
Number of jobs available
2
Reserve List
12 Months
Job ID
13262
Descriptions & requirements
Job description
Directorate – Security and Information Directorate (SID)
Job Description
Job Title Data Protection Strategic Lead
Group Profile Data Protection Team
Grade G7
Their work includes:
Knowledge and information are the lifeblood of the MoJ. They can transform the way we deliver public services as well as the relationship between government and public. It is important for the Department to show that we are capable of handling information carefully as well as making it readily available and widely accessible wherever we can and should. Managing information well can have a direct impact on our ability to deliver core services to our customers.
The Security and Information Governance Group is responsible for helping business groups across the department manage and use personal information in a manner compatible with the law. Its core function is to promote compliance with the Data Protection Act (DPA) 21018 and the UK General Data Protection Regulation across policies, projects, processes and services which involve personal data, through the provision of bespoke advice, training and guidance to business areas.
Reporting to a Deputy Data Protection Officer you will have a leading role in contributing to improvements to the way the department manages its personal data including responsibility for promoting adherence to and providing guidance across a vast spectrum of business areas on information legislation; you will also be part of the management of high impact incidents involving personal data.
Responsibilities, Activities and Duties
Key Responsibilities of the role:
• Provide advice and guidance on data protection issues for the MoJ and to make decisions on whether to report data breaches to the ICO.
• Contribute to regular commissions from Government departments to identify the most critical activities and likely risks.
• Act as point of contact for several of the MoJ’s Executive Agencies and Arm’s Length Bodies and the central workstreams covering commercial and contract management, HR, finance and digital/ technology functions. Generating a common interpretation of emerging cross-government guidance, to provide specific interpretations to cultivate a strong MoJ approach towards achieving compliance.
• Explore and promote critical deliverables on a department-wide basis.
• Maintaining relationships with appropriate teams / stakeholders in support of delivering UK GDPR/DPA18 compliance across MoJ technology systems.
• Providing compliance advice and guidance on:
• A proven track record in developing and leading information assurance strategy in government, including stakeholder engagement, specifically in relation to risk.
• Proven leadership experience in an information / data management setting.
• Experience and knowledge of existing working practices within government, including technical security advice, risk management, off-shoring, data protection impact assessments, governance and compliance.
• Proven ability to adapt to changing priorities, and maintain focus and alignment of the team’s activities - including experience of the management of a team of information security / assurance specialists.
• Experience of engaging with stakeholders and staff to resolve business issues and ensure effective and efficient delivery of services.
• In a comparable business environment, experience of providing evidence based, risk balanced advice to seniors, presenting complex considerations in clear and non-technical terms.
• Be an effective communicator, who can; discuss and understand technical security controls or systems alongside security professionals and software developers.
• Explain technical concepts to senior leaders and stakeholders.
• Communicate risk in a neutral way to allow understanding of impact and likelihood.
• Demonstrate strong written and verbal communication skills.
• Be capable of thinking in the style of a threat-actor, to avoid complacency or over-confidence in how we defend the Department’s information.
• Be passionate about technology, technical transformation and technical information security, where keeping up to date is just part of how you work.
Desirable
• A data protection/GDPR qualification e.g. CIPP/E or CIPM.
This list is at present and is not intended to be exhaustive. The job holder is expected to accept reasonable alterations and additional tasks of a similar level that may be necessary.
• Working together – Interview
Data Protection Strategic Lead G7
Job Description
Job Title Data Protection Strategic Lead
Group Profile Data Protection Team
Grade G7
Overview of SIG
SID is part of the Service Transformation Group. The Group oversees the building of a strategic vision for modernising and digitising our legacy systems, generating a coordinated plan across the MoJ and its agencies for transformation, and tracking delivery of this transformation.
Security and information management are fundamental building blocks of enabling the department to deliver. We have highly skilled experts working collaboratively with the department, Government Security Group and other partners to enable the whole of the MoJ to function securely, lawfully and transparently.
We identify, manage, and mitigate MoJ’s security, data protection and information risks, and provide assurance against those risks. We’re also home to the Counter Fraud Centre of Expertise. Part of our mission is to up-skill the department so that security becomes second nature to our people and partners.
Team Profile
The remit of the Data Protection Team covers Headquarters, the five Executive Agencies and 12 Arm’s Length Bodies.
Their work includes:
- Monitoring and overseeing compliance with data protection legislation and MoJ personal data policies
- Advising on Data Protection Impact Assessments
- Acting as the point of contact with the Information Commissioner’s Office
- Receiving requests from data subjects who wish to exercise their rights to - access, restrict, rectify or erase - their personal data
The Role
We’re recruiting a Data Protection Strategic Lead here at MoJ (Ministry of Justice) Security and Information Governance Group, to be part of our warm and collaborative Data Protection Team.
Knowledge and information are the lifeblood of the MoJ. They can transform the way we deliver public services as well as the relationship between government and public. It is important for the Department to show that we are capable of handling information carefully as well as making it readily available and widely accessible wherever we can and should. Managing information well can have a direct impact on our ability to deliver core services to our customers.
The Security and Information Governance Group is responsible for helping business groups across the department manage and use personal information in a manner compatible with the law. Its core function is to promote compliance with the Data Protection Act (DPA) 21018 and the UK General Data Protection Regulation across policies, projects, processes and services which involve personal data, through the provision of bespoke advice, training and guidance to business areas.
Reporting to a Deputy Data Protection Officer you will have a leading role in contributing to improvements to the way the department manages its personal data including responsibility for promoting adherence to and providing guidance across a vast spectrum of business areas on information legislation; you will also be part of the management of high impact incidents involving personal data.
Responsibilities, Activities and Duties
The job holder will be required to carry out the following responsibilities, activities, and duties:
Key Responsibilities of the role:
• Provide advice and guidance on data protection issues for the MoJ and to make decisions on whether to report data breaches to the ICO.
• Contribute to regular commissions from Government departments to identify the most critical activities and likely risks.
• Act as point of contact for several of the MoJ’s Executive Agencies and Arm’s Length Bodies and the central workstreams covering commercial and contract management, HR, finance and digital/ technology functions. Generating a common interpretation of emerging cross-government guidance, to provide specific interpretations to cultivate a strong MoJ approach towards achieving compliance.
• Explore and promote critical deliverables on a department-wide basis.
• Maintaining relationships with appropriate teams / stakeholders in support of delivering UK GDPR/DPA18 compliance across MoJ technology systems.
• Providing compliance advice and guidance on:
- The transparency requirements of the UK GDPR and the DPA18
- Data Protection-by-design and default throughout the data journey and across multiple platforms.
- The ability of the Department to evidence proactive supplier management and compliance, with expected standards (as a data controller).
- A long-term compliance plan for information held within systems across the MoJ estate, including new and legacy systems.
- An incident management process for data incidents and assessing whether data breaches should be reported to the ICO.
- The Information Assurance Leads
- Senior Information Risk Owners (SIROs) and their delegated Information Asset Owners (IAOs)
- Senior technical and non-technical stakeholders across Government, including Government Digital Service and Open Government Data
Essential
The successful role-holder will have:
• A current, and constantly renewed, understanding of both UK GDPR and the DPA 18 – especially regarding the processing of data for law enforcement purposes and must be able to recognise, and advise upon, the potential impacts of such on MoJ’s existing and emerging technology systems / projects.• A proven track record in developing and leading information assurance strategy in government, including stakeholder engagement, specifically in relation to risk.
• Proven leadership experience in an information / data management setting.
• Experience and knowledge of existing working practices within government, including technical security advice, risk management, off-shoring, data protection impact assessments, governance and compliance.
• Proven ability to adapt to changing priorities, and maintain focus and alignment of the team’s activities - including experience of the management of a team of information security / assurance specialists.
• Experience of engaging with stakeholders and staff to resolve business issues and ensure effective and efficient delivery of services.
• In a comparable business environment, experience of providing evidence based, risk balanced advice to seniors, presenting complex considerations in clear and non-technical terms.
• Be an effective communicator, who can; discuss and understand technical security controls or systems alongside security professionals and software developers.
• Explain technical concepts to senior leaders and stakeholders.
• Communicate risk in a neutral way to allow understanding of impact and likelihood.
• Demonstrate strong written and verbal communication skills.
• Be capable of thinking in the style of a threat-actor, to avoid complacency or over-confidence in how we defend the Department’s information.
• Be passionate about technology, technical transformation and technical information security, where keeping up to date is just part of how you work.
Desirable
• A data protection/GDPR qualification e.g. CIPP/E or CIPM.
This list is at present and is not intended to be exhaustive. The job holder is expected to accept reasonable alterations and additional tasks of a similar level that may be necessary.
Application Process
This vacancy will be assessed using Success Profiles to assess behaviours and technical expertise. The application process will require 250 word STAR format for the identified behaviours, the submission of a CV and a statement of suitability to evidence how you meet the essential and technical criteria required for the role.
In the Civil Service, we use Success Profiles, a flexible framework, to assess candidates against a range of elements using a variety of selection methods, therefore giving you the opportunity to demonstrate the various elements required to be successful in the role.
The sift will be based on the following behaviour:
• Leadership (lead behaviour)
Leadership will be the lead behaviour, so if there a lot of applicants we will sift solely on this. Note: due to the volume of applications we receive we are unable to provide feedback after the CV review (sift) stage.
Shortlisted candidates will be invited to attend a panel interview and will be requested to deliver a 5-minute presentation with slides to demonstrate their technical analyst skills, plus answer 3 behaviour-based questions.
• Delivering at pace - Interview• Working together – Interview
Hours of Work/Working Pattern
37 hour working week (standard).
Additional Information
Working Arrangements & Further Information
The MoJ offers Hybrid Working arrangements where business need allows. This is an informal, non-contractual form of flexible working that blends working from your base location, different MoJ sites and / or from home (please be aware that this role can only be worked in the UK and not overseas). All employees will be expected to spend a minimum of 60% of their working time in an office, subject to local estate capacity.
Some roles will not be suitable for Hybrid Working. Similarly, Hybrid Working will not suit everyone’s circumstances. Arrangements will be discussed and agreed with the successful candidate(s) and subject to regular review.
For nationally advertised roles: All successful candidates will be appointed to the nearest viable office nearest to their home postcode and on its respective pay scale. This will be at either a HQ building (subject to desk allocation, a Justice Collaboration Centre (JCC) or a Justice Satellite Office (JSO) – See Map. All employees will be expected to spend a minimum of 60% of their working time in an office, subject to local estate capacity).
For current MoJ employees, your base location will need to be changed to the nearest viable office (to your home postcode), either at a HQ building, JCC or JSO within the National Office Network and moved its location’s respective pay scale (any legacy arrangements/locations will need to be amended).
Some of MoJ’s terms and conditions of service are changing as part of Civil Service reform. The changes will apply to staff joining MoJ who are new to the Civil Service. Staff joining MoJ from other civil service employers will transfer onto the new MoJ terms if they are already on 'modernised' terms in their current post or onto 'unmodernised' MoJ terms if they are on 'unmodernised' terms at their current post. Details will be available if an offer is made.
MoJ candidates who are on a specialist grade, will be able to retain their grade on lateral transfer.
All candidates who are currently in receipt of Mark Time / Pay Protection should ensure they are familiar with the new policy on permanent and temporary promotion which can be found on the employee intranet.
Flexible working hours
The Ministry of Justice offers a flexible working system in many offices. Standard full time working hours are 37 hours per week. MoJ welcomes part-time, flexible and job-sharing working patterns, where they meet the demands of the role and business needs. All applications for part-time, flexible and job-sharing working patterns will be considered in accordance with the MoJ’s Flexible Working policy.
Benefits
The MoJ offers a range of benefits:
Annual Leave
Annual leave is 25 days on appointment and will increase to 30 days after five years’ service.
There is also a scheme to allow qualifying staff to buy or sell up to three days leave each year. Additional paid time off for public holidays and 1 privilege day. Leave for part-time and job share posts will be calculated on a pro-rata basis.
Pension
The Civil Service offers a choice of pension schemes, giving you the flexibility to choose the pension that suits you best.
Training
The Ministry of Justice is committed to staff development and offers an extensive range of training and development opportunities.
Networks
The opportunity to join employee-run networks that have been established to provide advice and support and to enable the views of employees from minority groups to be expressed direct to senior management. There are currently networks for employees of minority ethnic origin, employees with disabilities, employees with caring responsibilities, women employees, and lesbian, gay, bisexual and transgender employees.
Eligibility
Staff on fixed term appointments must have been recruited through fair and open competition.
Vacancies advertised “cross-government” are only open to all Civil Service employees and employees of accredited non-departmental public bodies (NDPBs) who were appointed on merit following a fair and open competition; or were appointed to a permanent post through an exception in the Civil Service Commissioners' rules.
Support
- A range of ‘Family Friendly’ policies such as opportunities to work reduced hours or job share.
- Access to flexible benefits such as voluntary benefits, retail vouchers and discounts on a range of goods and services.
- For moves to or from another employer or moves across the Civil Service this can have implications on your eligibility to carry on claiming childcare vouchers. You may however be eligible for alternative government childcare support schemes, including Tax Free Childcare. More information can be found on www.www.GOV.UK or Childcare Choices. You can determine your eligibility at https://www.childcarechoices.gov.uk/.
- Paid paternity, adoption and maternity leave.
- Free annual sight tests for employees who use computer screens.
Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. Should you feel that the recruitment process has breached the recruitment principles you are able to raise a formal complaint in the following order
- To Transformative Business Services (0345 241 5359 (Monday to Friday 8am - 6pm) or e mail moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk);
- To Ministry of Justice Resourcing team (resourcing-management-office@justice.gov.uk);
- To the Civil Service Commission (details available here)
As a Disability Confident employer, MoJ are committed to providing everyone with the opportunity to demonstrate their skills, talent and abilities, by making adjustments throughout all elements of the recruitment process and in the workplace. MoJ are able to offer an interview to disabled candidates who meet the minimum selection criteria, except in a limited number of campaigns.
You will be able to request reasonable adjustments to the recruitment process within the application form. If you need additional help completing the application form, please contact the TBS Recruitment Enquiries Team.
For more information on applying for a role as a candidate with a disability or long-term condition, please watch our animated videos.
Diversity & Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.
Redeployment Interview Scheme
Civil Service departments are expected to explore redeployment opportunities before making an individual redundant. The MoJ is committed, as part of the Redeployment Interview Scheme, to providing opportunities to those who are 'at risk of redundancy'.
MoJ is able to offer an interview to eligible candidates who meet the minimum selection criteria, except in a limited number of campaigns. Candidates will not be eligible for the Redeployment Interview Scheme if they are applying on promotion.
Civil Service Nationality Rules
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) https://www.gov.uk/settled-status-eu-citizens-families
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window) https://www.gov.uk/government/publications/nationality-rules
Reserve list
A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles.
Contact Information
MoJ:
If you require any assistance please call 0345 241 5359 (Monday to Friday 8am - 6pm) or e mail moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk
Please quote the job reference 13262
HMPPS
If you require any assistance please call 0345 241 5358 (Monday to Friday 8am - 6pm) or e mail moj-recruitment-vetting-enquiries@resourcing.soprasteria.co.uk
Please quote the job reference 13262
Job Description Attachment
-
251218_JD_DPT DPSL.docx (Job Description Attachment)
Application form stage assessments
Behaviours
A sift based on the lead behaviour, Leadership, may be held if a large number of applications are received. If a large number of applications remain after the initial sift, your application will be progressed to a full sift, where all behaviours will then be considered.
Behaviours Application Form Question Word Limit
250
Leadership
Experience
We will assess your experience for this role via the following methods
CV or Work History, Statement of Suitability
Evidence of Experience
CV or Work History, Statement of Suitability
Interview stage assessments
Interview Dates
Expected end of January 2026
Behaviours
Delivering at Pace
Working Together
Technical
A current, and constantly renewed understanding of both UK GDPR and DPA 2018.
Other Assessments
Which assessment methods will be used?
Presentation
Level of security checks required
Security Clearance (SC)
Use of Artificial Intelligence (Al)
Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.