Data Privacy Manager

Data Privacy Manager

Base Location: Any Regional UK Office (excluding London)  

The KPMG Business Services function is a cornerstone of our UK business. Operating from 20 UK locations and sitting with KPMG Central Services we do work that matters.

Within Central Services we are part of a community of experts across a wide range of critical activities who help grow, run, and protect KPMG in the UK.

From HR and Learning, Finance, Procurement, Facilities and Business Support, through to Risk and Legal, Corporate Affairs, and Sales and Marketing, our approach is focused on driving the improved

performance of the firm, which we support with diligence and expertise.

KPMG is one of the world's largest and most respected consultancy businesses, we've supported the UK through times of war and peace, prosperity and recession, political and regulatory upheaval. We've proudly stood beside the institutions and businesses which make the UK what it is.

Why Join KPMG as a Data Privacy Manager

The Privacy team is at the forefront of ensuring KPMG is compliant with the legislative and regulatory obligations outlined in data protection law. 

Operating in the 2nd Line of Defence as a Data Privacy Manager, you will support the delivery of the privacy compliance programme, empowering teams across the firm to navigate complexities of data protection and privacy compliance, helping to minimise risk.   

You will enable teams to assess engagements, processes and technologies for privacy compliance, including those leveraging transformational technologies such as Generative AI.  You will help drive internal compliance with KPMG’s obligations under Data Protection (GDPR, UKDPA) and Privacy of Electronic Communications Regulations (PECR).

The Data Privacy Manager will apply their data protection and privacy skills to perform all relevant duties as part of the Data Privacy Office Operating Model.

What will you be doing?

• Act as a trusted advisor to provide accurate, appropriate, timely and pragmatic advice, balancing legal and regulatory requirements against business interests.
• Manage the completion of comprehensive data protection impact assessments, enabling the firm to act on opportunities whilst meeting compliance requirements
• Enhance the current privacy by design processes
• Manage timely and accurate responses to Data Subject Rights requests within statutory deadlines, adhering to regulatory obligations.
• Respond to data protection incidents, including remediation and escalation, providing swift review and responses.
• Monitor compliance of 1st LoD Records of Processing Activity.
• Support the data protection elements of the third-party due diligence process, ensuring compliance with privacy regulations.
• Engage with a stakeholders across various functions, Service Lines, Quality, Risk and Security, including OGC and HR, fostering effective communication and collaboration.
• Ensure ownership and monitoring of a privacy risk register, integrating it with the rollout of a GRC tool for comprehensive risk and compliance management.
• Support the development of privacy governance for data risks in AI initiatives across KPMG, including assessments and monitoring of risk, mitigations strategies, development of guidance and training.
• Develop content to promote knowledge sharing and raise awareness via the Privacy portal, including guidance and FAQs.
• Be proactive in identification of continuous improvements to foster positive change within the Privacy Office, seeking innovative solutions to enhance data privacy practices.
• Coach, develop and performance manage a team, provide quality assurance and review the outputs from junior Privacy team members and internal stakeholders.
• Support the definition and report on data protection metrics, providing insights into privacy compliance and performance.

What will you need to do it?

• Experience in data privacy or a related field
• Strong experience advising on privacy matters, with a regulatory/compliance background
• Solid understanding of UK and EU data protection legislation (UK GDPR, DPA, PECR) and experience of operational implementation
• Good understanding of ancillary legislation (EU AI Act, UK AI Frameworks), emerging regulatory developments
• Experience of managing data subject requests and conducting PIA/DPIAs
• Practical knowledge and experience of building Article 30 records of processing activities registers, establishing lawful basis and consent management
• Excellent analytical and reporting skills, using PowerBI and presentation tools to present complex information with exceptional attention to detail
• Excellent communication skills, both written and verbal
• Well organised and able to maintain a high workload efficiently at a consistently high standard
• Good understanding of inter relationships between systems, architecture, platforms and security
• Knowledge of information security measures required by the UK GDPR
• Some experience working with GRC tools to manage privacy risks is advantageous
• Understanding of a 3 lines of defence model (risk management).
• Be highly motivated and confident to work independently with support from experienced team members and subject matter experts where required.
• Certifications in data privacy, such as CIPP/E or CIPM

To discuss this or wider Central Services roles with our recruitment team, all you need to do is apply, create a profile, upload your CV and begin to make your mark with KPMG.

Find out more:

Within Central Services we have a range of divisions and specialisms.  Click the links to find out more below:

• Central Services (KBS) at KPMG: www.kpmgcareers.co.uk/experienced-professional/kpmg-business-services/
• Inclusivity and KPMG: www.kpmgcareers.co.uk/people-culture/being-inclusive/
• KPMG Workability and Disability confidence: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/need-support-let-us-know/

For any additional support in applying, please click the links to find out more:

• Applying to KPMG: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/
• Tips for interview: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/application-advice/
• KPMG values: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/our-values/
• KPMG Competencies: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/kpmg-competencies/
• KPMG Locations and FAQ: www.kpmgcareers.co.uk/faq/?category=Experienced+professionals