Data Protection Analyst

We are seeking a Data Protection Analyst to take responsibility for ensuring adequate oversight of data, governance and ensuring the firm remains compliant with internal policies and the data protection regulations that apply across the Carey Olsen Group, and to carry out data protection related tasks as directed by the Information Risk Analyst or Group CISO. The Data Protection Analyst is a junior to mid-level role that sits within the Group Information Security and Data Protection team. This role can be based in one of our Guernsey, Jersey or Southampton offices. ? About the role Assist with the coordination of the Group's data protection activities. Analyse data processes and flows to identify potential risks and countermeasures. Provide the first point of contact for recording and coordinating the response to reported data breaches, escalating as needed. Assist with the monitoring and provide reporting that evidences compliance with data protection laws, groupsecurity controls, and internal operating procedures of any outsourced data processors. Support the development, implementation, and maintenance of data protection policies, procedures, and controls, and advise on data protection and privacy risks. Provide advice and support to business stakeholders regarding data protection impact assessments. Assist with the onboarding and assessment of third-party providers and sub-processors. Support the timely processing of data subject access requests. Assist with the coordination of an awareness program for the Group and its employees to facilitate adherence to relevant data protection regulations. Maintain records of all data processing activities undertaken by the Group, including the rationale and purpose of all processing activities, which must be made public on request. Ensure effective internal communication to facilitate ongoing employee engagement. Collaborate with technology and other business teams to maintain appropriate data privacy practices. ? We are looking for: 1-2 years' experience within the field of data protection / data privacy is preferable. Exposure to data projects and a solid understanding of the requirements of data protection and risk management Knowledge of the Data Protection Regulations Experience supporting and reviewing data protection impact assessments (DPIAs) and managing data risks and incidents Knowledge of best practices in data governance and compliance A strong interest in data protection and a desire to learn is essential. Professional certifications in data protection (e.g. IAPP) are desirable but not essential ? Click on "Apply for this job" to submit your CV.

Location: Southampton, South East, GB

Posted Date: 8/15/2025