Data Protection Manager

Reports to the Data Protection Officer

We're looking for a self-motivated and driven individual to help Aztec maintain and develop its Data Protection Framework (DPF), as we enter a period of expansion and growth.

You'll be a key part of the Data Protection Function reporting to Aztec's Data Protection Officer. You'll be advising and directing stakeholders from across the business on how to process personal data, carrying out reviews to ensure our DPF is fit for purpose and reporting on data protection developments to senior stakeholders. This is a key enabling role that will help Aztec as it expands – helping to ensure data protection compliance, whilst adhering to Aztec's core values.

Key Responsibilities

Data Protection Framework Evolution

• Support the ongoing development and Aztec's DPF, ensuring it adapts to regulatory changes, business growth, and emerging technologies.
• Contribute to the design, development and implementation of data protection policies, procedures, and controls across all business units.
• Carry out external research and benchmarking to ensure that Aztec's DPF meets industry and jurisdictional standards.

Governance, Compliance & Reporting

• Produce insightful data protection reports for senior boards and committees, highlighting compliance status, trends, and DP improvement initiatives.
• Deputise for the DPO as required, ensuring continuity of compliance and stakeholder engagement.
• Undertake data protection monitoring and thematic reviews to identify areas of improvement and / or non-compliance with applicable data protection legislation.
• Monitor new and emerging data protection legislation and assess impact on Aztec's DPF.

Operational Excellence

• Manage and respond to Data Subject Access Requests (DSARs) and data incidents.
• Manage Data Protection Impact Assessments (DPIAs) for new and evolving processing activities, working closely with business stakeholders and Information Security.
• Monitor and analyse external data protection regulatory developments, proactively updating internal policies, procedures and practices.

Advisory & Stakeholder Engagement

• Act as a trusted advisor to all business units on data protection risks and best practices.
• Support the development of a strong data protection culture through both training and internal awareness campaigns.
• Where required, represent the DPO at internal forums and committees.

Risk Management & Continuous Improvement

• Analyse data protection risk events and breaches, and audit findings to identify root causes, lessons learned, and opportunities for improvement.
• Contribute to the remediation of compliance gaps, including those identified through audits, regulatory reviews, or internal assessments.
• Support the integration of data protection into broader risk management and governance frameworks (e.g., Three Lines of Defence Model, Operational Resilience).

Skills, knowledge, expertise:

Essential

• Strong knowledge of GDPR and multi-jurisdictional data protection laws (UK, EU, Channel Islands, Luxembourg).
• Proven experience in data protection or privacy roles within financial services.
• Experience handling DSARs and other data subject rights requests.
• Ability to interpret legislation and apply it pragmatically in a business context.
• Strong analytical and problem-solving skills.
• High attention to detail and organisational skills.
• Ability to work under pressure and manage competing priorities.
• Presentation skills including the use of Microsoft PowerPoint and ability to produce concise executive and board level data protection reports.

Desirable

• Experience in compliance monitoring.
• Familiarity with data governance frameworks and committees.
• Knowledge of financial services regulatory environment.
• Experience with emerging technologies (e.g. AI) and data analytics.

We will provide the training, both in house for relevant technical knowledge and also professional qualifications to enhance your professional development. You will need to be quick to learn new systems and great with people, as close working relationships between our colleagues and clients is at the heart of what we do.