Head of Data Compliance

Roke is a world-class engineering and technology company, with a trusted and long-standing record of delivery spanning research & development, products, managed-services and consultancy, serving customers across the globe. The markets Roke operates in are broad, but they are frequently cross-cutting at engineering and delivery levels. Markets include Defence, National Security, Intelligence sectors with diversity being at the centre of Roke’s strategy.

Joining a team united by purpose and ambition, you’ll be at the heart of an exciting growth journey. At Roke, every individual counts. We push past technical boundaries together. We re-invest in product innovation, and we empower our people to make a difference.

About the Role

This is a senior role where you will take the lead on all data protection, GDPR compliance and wider data compliance issues, as well as data risk matters. The role has arisen due to the incumbent retiring from the Company. You will report directly to the General Counsel.

We welcome applications from those who come from a different industry to ours and from both public or private sector organisations; we understand that diversity of thought brings its own benefits to Roke and a fresh perspective on how we do things. This role may be a level transfer from someone who wishes to take on a new challenge or a promotion for someone who wishes to progress to the next level in their career.

Lastly, we understand that different people have different skills and experiences and therefore you might not be able to meet every responsibility or have the necessary experience listed below. However, we appreciate that you will bring other skills and experiences to us and would therefore encourage you to apply. You have nothing to lose!

• Proven leadership experience in data protection and privacy.
• Ability to influence senior stakeholders and communicate effectively at all levels.
• Exceptional interpersonal skills and being able to build relationships both within the team and with stakeholders across the Company including Engineers, Project Managers, Finance, HR, Supply and Commercial teams.
• Strong written and verbal communication skills; the ability to write and articulate issues and risks clearly and succinctly and relay these verbally.

• Act as the primary point of contact for data privacy matters across the business.
• Develop and implement strategies, policies and controls to ensure compliance with data protection legislation.
• Maintain statutory records, including Records of Processing Activities and Legitimate Interest Assessments.
• Respond to Data Subject Access Requests.
• Monitor regulatory developments and update internal policies accordingly.

• Ensure Privacy by Design principles are embedded in projects, including assisting with the preparing of Data Protection Impact Assessments (DPIAs).
• Lead investigations into suspected or actual data breaches, ensuring timely assessments, containment, documentation, root cause analysis and making recommendations to General Counsel on appropriate actions.
• Collaborate with the Security Team on information security to ensure robust data security measures.

• Review of data protection clauses in contracts, Data Processing Agreements and Standard Contractual Clauses.
• Work with the Supply and Commercial Teams to ensure compliance with data protection requirements.
• Deliver training on data compliance principles to all new employees.
• Develop and deliver training programs to embed data protection awareness across the Company.

• Define and track KPIs for data protection compliance.
• Plan and execute regular internal audits to identify and mitigate risks proactively.
• Assist General Counsel in engaging with relevant regulatory bodies including with the ICO when necessary.

• Working knowledge of utilising artificial intelligence within a technology business, measuring the associated risks and experience in leveraging its potential use as an enabler when used responsibly.

• Knowledge of cyber security principles and practices
• Knowledge and awareness of ISO standards, and/or any other standards relating to data/cyber security (NIST, Cyber Essentials).

• Experience in working in a Technology business.
• Experience in working in a National Security setting.
• Experience in working in Defence.

• DV clearance bonus (if applicable)
• Performance-related bonus scheme
• Contributory pension plan
• Sharesave Scheme
• 30 days of annual leave with the option to purchase an additional 5 days.
• Flexible benefits platform packed with lifestyle discounts

• Learning & Development - We offer lots of opportunities for learning, whether you join us for a short stint or the long game, you’re good to grow with us. Including fully funded professional qualifications, leadership development and mentoring.
• Diversity and belonging - Everyone is welcome at Roke. We want you to feel confident and valued for who you are and to truly belong.
• Pace and variety - Our work is fast paced with lots of variety, you’ll build a diverse skill set and learn a lot in a fast moving business!

Due to the nature of this role, we require you to be eligible to achieve SC clearance. As a result, you should be a British Citizen and have resided in the United Kingdom for the last 5 years.

Click apply, submitting an up-to-date CV setting out how you meet the above criteria – there is no need for a cover letter but you may send one if you wish!

If you would like to discuss this role in more detail please contact Shahzad Hamid via