Policy/GDPR Lawyer

4806472
  • Job type

    Permanent
  • Location

    London
  • Working Pattern

    Flexible Working,Full-time
  • Specialism

    In-house Legal
  • Industry

    Legal
  • Pay

    64400

Looking for a lawyer within the Enforcement Team focusing on GDPR and data protection/management

Your new company
A respected UK public‑interest regulator is seeking a Policy & Data Protection Lawyer to join its Enforcement Division. The organisation operates in a complex investigative environment where the lawful handling of sensitive information is critical. You’ll be joining a multidisciplinary team of around 60 professionals, all working to uphold high standards of integrity and accountability.

Your new role
This is a Level 3 position for a technically strong, self‑sufficient lawyer with hands‑on GDPR and data protection experience in a litigation, regulatory or enforcement setting.
You will act as the division’s sole dedicated data protection specialist, supporting the Information Asset Owner and senior leadership on all matters relating to data governance, compliance and policy. Your work will include:
  • Providing day‑to‑day legal advice on UK GDPR, the Data Protection Act, FOIA and related frameworks
  • Supporting enforcement investigations with expert guidance on data handling, disclosure, confidentiality and risk
  • Updating and maintaining internal data management policies and procedures
  • Advising on and preparing DPIAs, LIAs and data‑related risk assessments
  • Investigating and advising on data breaches
  • Preparing reporting documentation and supporting routine administrative governance tasks
  • Working autonomously with supervision from a Senior Policy Lawyer
  • Engaging with internal case teams, senior management and external bodies where required
  • Contributing to training and knowledge‑sharing across the division

What you'll need to succeed
You will thrive if you bring:
  • Qualification as a solicitor or barrister in England & Wales (or a comparable common law jurisdiction)
  • 2–5 years’+ PQE with strong, practical GDPR/DP experience
  • Experience advising in a regulatory, enforcement, litigation or public‑sector investigations context
  • The ability to work autonomously, apply sound legal judgement and handle technical issues confidently
  • Strong academics and excellent analytical skills
  • Comfort with both high‑level advisory work and routine governance tasks
  • The ability to quickly grasp new issues and operate in a fast‑moving environment
  • Strong communication skills and confidence engaging with senior stakeholders

What you'll get in return
  • A rare opportunity to shape data protection practice within a high‑profile enforcement environment
  • Exposure to senior leadership and complex, sensitive investigations
  • A supportive team structure with autonomy and room to grow
  • Hybrid working (up to 60% remote)
  • A collaborative, mission‑driven culture
  • Clear development pathways and access to specialist training


What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.

Apply for this job

Talk to Lucy Kelly, the specialist consultant managing this position

Located in London-City, 5th Floor, 107 Cheapside, Telephone 02034650141
Click here to access our Privacy Policy, which provides detailed information on how we use and protect your personal information, and your rights in relation to this.