Are you OK with cookies?

We use small files called ‘cookies’ on to give you the best experience on our site. Some are essential to make the site work, and some help us understand how people use the site so that we can improve your experience. You can choose to turn off the non-essential cookies. Which cookies are you happy for us to use?


Data Privacy Manager (DDaT) – 41561
£30,989 - £47,591
Multiple Locations


We welcome and encourage applications from everyone, including groups currently underrepresented in our workforce and pride ourselves as being an employer of choice. To find out more about how we champion diversity and inclusion in the workplace, visit:


These are exciting times at MOJ Digital and Technology. We have a clear vision – to develop a digitally-enabled justice system that works more simply for users – and we’re looking for talented people to help us achieve it. We’re making things better by building adaptable, effective services and making systems that are simple to use for staff and citizens. It can be challenging but it’s also important and rewarding.

As well as doing great work, we’re creating a place that’s great to do work in. We offer tip-top kit, brilliant training opportunities and support from expert colleagues. On top of that, you’ll find flexible working, an inclusive culture and a place where your opinion is valued.

The Team

Knowledge and information are the lifeblood of the Ministry of Justice (MoJ). They can transform the way we deliver public services as well as the relationship between government and public. It is important for the Department to show that we are capable of handling information carefully as well as making it readily available and widely accessible wherever we can and should. Managing information well can have a direct impact on our ability to deliver core services to our customers.

The Security and Privacy Team is responsible for helping business groups across the department manage and use personal information in a manner compatible with the law. Its core function is to promote compliance with the Data Protection Act (DPA) 21018 and the General Data Protection Regulation across policies, projects, processes and services which involve personal data, through the provision of bespoke advice, training and guidance to business areas.

Reporting to the Data Privacy Strategic Lead you will have a leading role in contributing to improvements to the way the department manages its personal data including responsibility for promoting adherence to and providing guidance across a vast spectrum of business areas on information legislation; you will also be part of the management of high impact incidents involving personal data.

The role

The role-holder will be expected to:

  • Act as principal point of contact for a number of the MoJ’s component agencies/ organisations and central work-streams; providing expert advice and guidance on the application of data protection legislation in their business area and particular circumstances. You will have to deal with complex issues and will need to be able to produce accurate advice on compliance matters quickly, to a high standard.
  • Contribute to commissions from within the business and cross-government, to help ensure the proper application of data protection law and reliance on appropriate legal gateways to data processing mindful of the potential risks and outcomes associated with such.
  • Review and advise upon Data Protection Impact Assessments (DPIAs) and data sharing agreements / memorandums produced (or in production) to mitigate privacy risks and advise on potential solutions and changes to processes / policies proposed to aid both their legal and practical application.
  • Build and maintain excellent working relationships with key colleagues in the Ministry, its executive agencies as well as with other government departments.
  • The role also provides the opportunity to draft a range of written communications including advice and submissions to senior officials and Ministers. You may also have to draft clear letters and other correspondence setting out the legal position in the context of the circumstances in each case to stakeholders and the public.

You’ll have

You will be required to provide evidence of the following essential criteria:

The successful role-holder will have:

  • A current working knowledge and understanding of both the GDPR and DPA 2018 and must be able to recognise, and advise upon, the potential impacts of such on MoJ’s existing and emerging technology systems / projects,
  • A proven track record in developing and leading information assurance strategy in government, including stakeholder engagement, specifically in relation to risk,
  • Proven leadership experience in an information / data management setting,
  • Experience and knowledge of existing working practices within government, including technical security advice, risk management, off-shoring, privacy impact assessment, governance and compliance,
  • Proven ability to adapt to changing priorities, and maintain focus and alignment of the team’s activities – including experience of the management of a team of information security / assurance specialists,
  • Experience of engaging with stakeholders and staff to resolve business issues and ensure effective and efficient delivery of services,
  • In a comparable business environment, experience of providing evidence based, risk balanced advice to seniors, presenting complex considerations in clear and non-technical terms.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

In the Civil Service, we use Success Profiles, a flexible framework, to assess candidates against a range of elements using a variety of selection methods, therefore giving you the opportunity to demonstrate the various elements required to be successful in the role.

At the interview we will be assessing your technical/specialist skills and experience, testing your ability through relevant assessments and asking you questions around the behaviours we require to be successful in this role.

The behaviours we assess are:

  • Leadership
  • Communicating and influencing
  • Working together
  • Developing self and others
  • Making effective decisions
  • Delivering at pace
  • Seeing the big picture
  • Changing and improving
  • Managing a quality service

Throughout the process we will assess your technical specialist skills and experience on the above requirements.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

Selection process details

●        All candidates must submit a CV AND a response to the question; “What are the challenges and benefits of an organisation being compliant with data protection laws?(1000 word limit)

The job advert lists the essential, specialist skills and experience.

At the CV review/sift stage we will use the technical/specialist skills and experience to determine your suitability for the role. At the interview we ask you questions based on the specialist/technical skills and experience as well as behaviours outlined.

At the Interview, we will ask open-ended questions to which they are seeking answers/evidence of essential, previous skills, experience and behaviours in order to guide their hiring decision.

Note: due to the volume of applications we receive we are unable to provide feedback after the CV review (sift) stage. Your application will not be considered if you have not submitted a CV and a response to the question.

Salary and working arrangements

If successful, the salary we offer you will be within the advertised range and will depend on the skills and experience you demonstrate at the interview. Therefore in your cover letter it would be helpful to the hiring teams if you can indicate your salary expectations and if possible your notice period.


●       37 hours/week and flexible working options – working from home or remotely, working part-time, job sharing, or working compressed hours.

●       Lots of training and development opportunities with learning platforms such as: Linux Academy, O’Reilly, Pluralsight, Microsoft Learning, Civil Service Learning, GDS Academy, etc.

●       10% dedicated time to learning and development with a budget of £1000 a year per person

●       Generous civil service pension based on defined benefit scheme, with employer contributions of 26-30% depending on salary.

●       25 days leave (plus bank holidays) and 1 privilege day usually taken around the Queens’ birthday. 5 additional days of leave once you have reached 5 years of service.

●       Great maternity, adoption, and shared parental leave, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!

●       Bike loans up to £2500 and secure bike parking (subject to availability and location)

●       Season ticket loans, childcare vouchers and eye-care vouchers.

●       5 days volunteering paid leave.

●       Free membership to BCS, the Chartered Institute for IT.

●       Some offices may have a subsidised onsite Gym.


Further information

Please review the following Terms & Conditions which set out the way we recruit and provide further information related to the role.


If you have any questions please feel free to contact

Additional Information