Lead, Data Protection

The Lead, Data Protection supports and drives SCI in meeting its obligations under UK GDPR and other global data protection and privacy legislation. Reporting to the Head of Information Security Services, this role provides leadership, oversight, operational and advisory expertise in data protection and assurance activities, ensuring that sensitive data is managed responsibly and securely.

The Lead will act as the operational lead for global data protection compliance, working in close partnership with the Data Protection Officer (DPO) to ensure regulatory alignment and organisational accountability.

The role contributes to the ongoing maturity and strategic development of the SCI's data protection framework., * Lead and coordinate the global implementation of data protection and privacy compliance frameworks across SCI and Members, ensuring consistent standards across diverse regulatory environments.

• Develop and deliver the Global Data Protection Strategy, plan, risk framework, and governance model.
• Maintain, and continuously enhance data protection policies, procedures, and guidance documents.
• Design, lead and oversee assurance activities, including audits and reviews of data handling practices, data sharing, and retention.
• Oversee monitoring of compliance gaps and provide strategic reporting, escalating issues to the Data Protection Officer as appropriate.
• Lead and coordinate responses to personal data breaches, including coordination of incident documentation and follow-up actions.
• Oversee and ensure effective management of data subject rights requests, maintaining quality timeliness, and legal compliance.
• Lead the design and delivery of training and awareness programmes to embed a culture of privacy and data protection across SCI and Members.
• Lead the preparation of reports, dashboards, and materials for the Data Protection Steering Committee.
• Act as subject matter expert on regulatory developments, advising on operational impacts and provide leadership and guidance to global teams and country offices ensuring consistent application of data protection standards., 1. Application review by our recruiting team based on your CV and cover letter

2. Two-stage competency-based interviews with the hiring team
3. Some recruitment may include an additional assessment or case study stage, or a third stage interview
4. If successful, you will receive a conditional offer of employment, followed by your contract subject to passing background checks

We need to keep children and adults safe so our selection process includes rigorous background checks and reflects our commitment to the protection of children and adults from abuse. All employees are expected to carry out their duties in accordance with our Code of Conduct and all policies and procedures relating to Anti-Harassment, Health and Safety, Safeguarding, and DEI and Equal Opportunities.

Right to Work: The successful candidate must possess the unrestricted right to work in their current or preferred location for the duration of employment

Language Requirements: English, 1. Strong and applied expert knowledge of UK GDPR and other major privacy frameworks.

2. Demonstrated experience in leading data protection compliance activities, including handling subject rights requests and supporting incident management.
3. Good understanding of information technology and data management systems.
4. Strong interpersonal skills with the ability to engage and challenge senior stakeholders constructively.
5. Experience in drafting policies, procedures, or guidance documents.
6. Ability to prioritise strategically and manage competing demand in a complex environment.
7. Excellent written and verbal communication skills.
8. Ability to identify compliance risks and translate them into practical, and context-specific solutions.
9. Strong appreciation of effective Data Protection in a multinational humanitarian and development organisation.

Desirable

• Familiarity with cybersecurity risks and information security standards.
• Experience working in a large, complex, or global organization.
• Exposure to project or change management activities., * Degree or diploma in Law, International Development, Computer Science, Business Technology, Cybersecurity, Information Security, or relevant professional experience.
• Recognised privacy qualification e.g. CIPP, ISEB, C-DPO

Desirable

• IT security or assurance certification (e.g., ISO27001 Implementer, CISSP, CISM).

Save the Children is the world's leading organisation for children, employing ~25,000 staff. We save children's lives. We fight for their rights. We help them fulfil their potential. Through our work in 116 countries, we put the most deprived and marginalised children first. We know that great people make a great organisation, and that our employees play a crucial role in helping us achieve our ambitions for children. We value our people and offer a meaningful and rewarding career, along with a collaborative and inclusive environment where ambition, creativity, and integrity are highly valued., Together we are stronger. Join the conversation.