The Role As part of Howden Group Holdings, an international insurance intermediary, this role is central to ensuring robust data protection across Howden’s UK Broking and Reinsurance Divisions. The role holder will support the Data Protection Function in establishing, implementing, and maintaining a data protection control and oversight framework to safeguard compliance with applicable data protection laws. This role involves providing practical, risk-based mentorship to assist Howden entities in fulfilling their data protection responsibilities. Additionally, the role will contribute to delivering data protection plans and projects that enhance compliance, improve risk management, and maintain up-to-date and effective privacy practices across the organisation. Key Responsibilities: Supply to delivering key aspects of the annual Data Protection Plan and Risk & Control Framework. Identify improvement opportunities within the Data Protection Framework, focusing on early risk identification and efficient implementation of remedial actions. Lead assigned projects, including integration of new business acquisitions and new policy administration systems. Maintain data protection registrations and meet proficiency requirements through ongoing training and alignment to internal policies. Advise on data protection matters such as Data Subject Requests, Personal Data Breaches, Data Protection Impact Assessments, vendor due diligence, and data retention. Document and maintain Records of Processing Activities (RoPAs) for each in-scope entity, ensuring privacy notices reflect current practices. Complete annual Data Protection risk assessments for internal governance reporting and support enterprise risk assessments. Supervise data protection compliance, performing gap analyses, and coordinating remediation and training as vital. Act as a referral point for data protection queries and advance issues to the Head of Data Protection as needed. Skills & Attributes Deep knowledge of UK and EU data protection laws and ePrivacy regulations, including PECR. Experience with data protection compliance in sophisticated, multi-company environments. Skilled in assessing and advising on personal data breaches, subject access requests, and contractual reviews with controllers and processors. Solid understanding of information technologies and data security best practices. Experience within Financial Services (preferably insurance) is desirable. Effective interpersonal and negotiation skills to work with diverse internal and external stakeholders. Excellent interpersonal, time management, and planning abilities. Clear communicator, able to simplify sophisticated concepts and balance regulatory needs with business goals. Qualifications CIPP/E, CIPM, or Certified Data Protection Practitioner (PC.dp) qualifications are preferred but not essential. What do we offer in return? A career that you define. At Howden, we value diversity – there is no one Howden type. Instead, we’re looking for individuals who share the same values as us: Our successes have all come from someone brave enough to try something new We support each other in the small everyday moments and the bigger challenges We are determined to make a positive difference at work and beyond Reasonable adjustments We're committed to providing reasonable accommodations at Howden to ensure that our positions align well with your needs. Besides the usual adjustments such as software, IT, and office setups, we can also accommodate other changes such as flexible hours or hybrid working. If you're excited by this role but have some doubts about whether it’s the right fit for you, send us your application – if your profile fits the role’s criteria, we will be in touch to assist in helping to get you set up with any reasonable adjustments you may require. Not all positions can accommodate changes to working hours or locations. Reach out to your Recruitment Partner if you want to know more.