Data Protection Officer

London / Hybrid
£50,000 - £55,000
11 Mar 2023
24 Mar 2023
Contract Type
Full Time


The Independent Parliamentary Standards Authority (IPSA) is a hybrid organisation. We have an office in central London which you can work from, although we welcome applications from all across the UK, offering flexible homeworking on UK mainland locations.


IPSA is the independent body that regulates and administers the business costs and decides the pay and pensions of the 650 elected Members of Parliament and their staff in the UK. We were created by the Parliamentary Standards Act 2009, as the world’s first independent regulator of MPs’ financial remuneration.

IPSA is on a mission! We want to enable MPs to do what really matters by providing an exemplary, seamless regulatory service. We have a compelling plan and we’re intent on transforming IPSA. Transparency lies at the heart of everything we do. We publish details of business costs claims made by MPs and their staff, as well as annual data about every MP’s spending and other aspects of their activity.

About the role:

We are seeking to appoint a Data Protection Officer who can ensure that IPSA complies with all its statutory data and information governance obligations and ensures that we continue to embed good information handling practices cross the organisation and each part our of operations. This will include working with colleagues at all levels to ensure our process and practices are fit for purpose and implementing changes where there is a need to do so. 

You’ll be able to advise on best practice and make clear and timely recommendations where risks are identified, and you’ll enjoy working collaboratively to ensure we evolve and continually improve. You’ll bring with you excellent knowledge in this specialist area and be passionate about making sure everything we do is fit for purpose and right first time. You’ll have relevant experience within the public sector, with some experience of working in a regulatory setting.  You’ll have a determination to ensure that our data and information governance practices are aligned to IPSA’s strategic objectives.

This role allows for a high degree of autonomy and professional independence on a day-to-day basis. There is significant scope for leading change and improvements, both within the IG team and more widely across IPSA. The work involves frequent contact with the Executive Leadership and Senior Management Teams and the opportunity to ensure changes to our operating model incorporate best practice information governance approaches.

Main responsibilities:
You’ll will be responsible for: 

  • Discharging the statutory role of Data Protection Officer for IPSA in line with GDPR regulatory requirements, and any future legislative changes in this area and act as the contact point for the Information Commissioner’s Office (ICO).
  • Partnering with the organisation to provide ongoing training, advice and awareness-raising for IPSA staff on the organisation’s information governance responsibilities in addition to their individual and team’s responsibilities. 
  • Regularly assessing compliance against ICO best practice self-assessment tools (or similar) and identifying and addressing risks so as to manage change and make continuous improvements, specifically advising on changes needed in light of evolving legal and regulatory frameworks.
  • Creating and regularly updating information governance policies and processes.
  • Ensuring that IPSA’s register of data processing activities is up to date and comprehensive and carrying out, or advising on, data protection impact assessments for new data processing aspects of projects and programmes. 
  • Investigating, following up and learning from any data breaches. Supporting IPSA’s legal team when necessary, in any legal cases.
  • Assessing complex issues and making evidence-based judgments and feasible recommendations on data handling, security, and records management issues, and supporting implementation. Ensuring data retention schedules are up to date, including process adherence. 
  • Ensuring FOI and Subject Access Requests are responded to within statutory deadlines and liaising with all areas of the organisation to obtain relevant information.

What we are looking for:

Ideally, you’ll be a qualified professional (e.g., CIPP/E, CIPM, ISEB in DP or FOI, or equivalent) and will have demonstrable experience of operating in a DPO capacity in a similar organisational setting. You’ll think about data protection strategically, as well as being a hands-on collaborator with day-to-day requests and core business activities. Your ability to manage multiple workstreams will be first rate and you’ll be a pragmatic problem-solver comfortable with thinking outside the box, even within the regulatory framework. You’ll be adept in providing independent advice based on integrity and strong principles.  

With excellent written and verbal communication skills, you’ll be comfortable liaising with internal and external stakeholders at all levels, for example, with executive leadership and Board members, the ICO, legal teams and other stakeholders.  

You’ll be joining a high-performing team where resilience is a key attribute, and given the remit of the role, the ability to work at pace is important.

A full person specification is available on our website.


  • Civil Service Pension
  • Generous starting holiday entitlement of 25 days + bank holidays, increasing by 1 day each year up to 30 days
  • Season ticket/rent deposit loans
  • Hybrid and flexible working by default, with occasional travel for team meetings 
  • Access to learning and development tailored to your role
  • Working in a high-performing organisation
  • A culture encouraging inclusion and diversity with time to participate in workplace networks
  • Cycle to work scheme
  • Volunteering days

Our commitment and values

We’re committed to making IPSA a more diverse and inclusive organisation and we choose to recruit, retain, and develop people with a diverse mix of skills and experience We are a high-performing organisation that values diversity and we live our values through all the work that we do. Our inclusive workplace environment welcomes people from all backgrounds and our ID, Green, Women’s and LGBTQIA+ networks signal our commitment to celebrating and promoting diversity, inclusion, and sustainability.

Our core values are Staying Connected, Seeing the Bigger Picture, Being Open, Doing the Right Thing and Making a Difference. If you share and live our values, then we would like to hear from you. We are a values-based organisation, and you can expect these to feature throughout the recruitment process and beyond.

How to apply:

If you are interested in applying for this role, please send your CV and a one-page cover letter via the form below.

We anticipate a high volume of applications for this role, and regretfully we will only be able to respond to you if you are shortlisted. 

Before you apply, you’re asked to read the ‘how to apply’ section on our website, detailing our approach to reducing unconscious bias in our recruitment process.   

Interview process

Our interview and onboarding processes are virtual.  If you want to join our team, you’ll need access to a secure WIFI network and a private space to work from. If you’re successful we will provide you with equipment for onboarding, training, and working from home.

If you are shortlisted, there will be a competency-based interview where we will ask you a series of questions designed to help the panel assess your suitability for the role and for IPSA, and we may also ask you prepare a short presentation. 

We expect to shortlist for this role in w/c 20th March, with interviews in w/c 27th March, although we may decide to conduct initial telephone interviews before that date, depending on the volume of applications.

Important information

We aim to keep our application window open for four weeks which means the closing date for this role will be Friday 24th March.

However, we will sift applications as they are submitted and therefore, we reserve the right to close the advert at any point after two weeks.

We expect to receive a high number of applications for this role, so we strongly advise you to apply before Sunday 12th March.

Privacy notice and right to work

By applying you confirm you have the right to work in the UK and have read our Human Resources privacy notice you can find on our website.

Similar jobs

Similar jobs