Data Protection and Assurance Officer - Castlefield Recruitment : Job Details

Data Protection and Assurance Officer | Greater Manchester | Hybrid | £52,000 - £55,000 pa | 12 Month FTC

Castlefield Recruitment are currently working in partnership with a regulated organisation in the Housing sector to recruit a Data Protection & Assurance Lead on a 12 month fixed term basis.

This is a newly developed, high-profile role that will combine strategic and operational responsibilities across data protection, assurance, and compliance. Acting as the named Data Protection Officer, you will lead on ensuring organisation-wide GDPR compliance, while also supporting broader risk and assurance functions.

Key Responsibilities

Data Protection (DPO):

• Act as the named Data Protection Officer for the organisation
• Lead on the review and development of data protection policies and procedures
• Oversee GDPR compliance and maintain up-to-date records of processing activity
• Manage data sharing agreements, breach reporting, DPIAs and Subject Access Requests
• Work with internal teams to embed best practice data governance across operations
• Raise awareness through training and guidance to all levels of staff
• Act as first point of contact for the ICO and data subjects
• Monitor legislative developments such as the Data Usage and Access Act 2025

Assurance & Compliance:

• Support the delivery of the quarterly internal assurance cycle
• Monitor compliance with regulatory and legal frameworks (e.g. Social Housing Regulation Bill)
• Maintain internal audit action trackers and policy frameworks
• Support the preparation of reports to senior leadership and board-level committees
• Assist in the review of legal updates and ensure organisational readiness
• Collaborate with internal teams to manage the Asset & Liabilities Register and Risk Register
• Promote a culture of continuous improvement, transparency, and accountability

Experience and Skills Required

• Proven experience in a data protection, governance, or compliance role (ideally as DPO or similar)
• Strong understanding of UK GDPR and other relevant regulatory requirements
• Experience working in a regulated environment (housing, healthcare, public sector etc.)
• Ability to interpret complex legislation into operational practice
• Confident managing internal assurance or audit processes
• Excellent communication skills and stakeholder engagement experience
• Relevant data protection qualification (e.g. CIPP/E, CIPM) is desirable but not essential