Data Protection Manager - One Login

The GOV.UK One Login for Government Programme represents a once in a generation opportunity to simplify and widen access to all digital government services. Sitting at the heart of the government, we are building one simple, safe and secure way for users to Log in and prove who they are that will work across all government services. 

GOV.UK One Login is being designed and built for the many, not the few. It will unite services across government, revolutionising the way government departments digitally interact with users. One Login will deliver an accessible and essential function that will change lives and help millions. We are an ambitious and visionary team so if you want to be at heart of this truly groundbreaking programme keep reading…

The GOV.UK One Login programme is full of talented and passionate people who are consistently delivering high quality products for services and individuals. We’re half way through our build phase and features are being shipped almost weekly as we work to mature our product set so that we can expand the range of services and departments benefitting from our work. 

The right person will join a well motivated and dynamic multi disciplined team working to deliver on our commitments and roadmap. 

Sometimes described as the most strategic programme in government, GOV.UK One Login represents a once in a career opportunity to work on a software product that will be used by the majority of the people living in the UK. It’s a fast paced, dynamic and challenging environment that is sure to offer you career satisfaction as well as a chance to develop and enhance your skills. 

If this sounds like the next role for you on your career journey then we’d love to hear from you. 

Find out more at the GDS Blog.

Job description

The Data Governance Team, as part of the GDS Business and People Services (BPS) directorate, provides specialist expertise and leadership across the Government Digital Service. GDS has specialist data protection and information management requirements and requires extensive data governance controls to be designed and incorporated into product development. Strong privacy controls designed and built from the outset will improve users' confidence in the digital services delivered by GDS. 

Digital Identity  is seeking to recruit a Data Protection Manager to deliver data protection excellence within the One Login programme which is one of the most innovative and exciting programmes in government. You will play a critical role in ensuring that data protection principles are embedded into the programme to enable GOV.UK One Login to protect public data whilst enabling innovative digital solutions. Reporting to the Data Protection Lead, you will build outstanding relationships with the programme team to embed privacy by design and uphold the highest standards. You will be involved in providing support to cutting edge technologies such as the use of biometrics and AI. This role provides an exciting opportunity to become a key part of one of the most impactful programmes in government. 

This is what is expected of a Data Protection Manager:

1. data protection compliance: Support the Data Protection Lead to ensure the GOV.UK One Login programme complies with data protection law by delivering flexible and pragmatic governance practices that enable delivery at pace
2. privacy by design and risk management: Lead and deliver high quality Data Protection Impact Assessments (DPIAs), Privacy Notices and Records of Processing Activities for new projects at pace. Support other key processes including delivering data subject rights and managing personal data incidents
3. cutting edge technologies: Provide expert advice and direction on complex and novel forms of processing, especially on AI and biometrics. Balance legal requirements against the need to deliver innovative solutions to benefit the public, supporting timely delivery of demanding GDS targets
4. excellent communication and relationship management: Work closely with programme colleagues to build trust. Deliver high quality written and verbal briefings to all levels of the programme, including delivery managers and the Programme Board
5. external stakeholder engagement: Work closely with external stakeholders such as the Information Commissioner’s Office (ICO) and privacy groups to ensure compliance and address queries
6. support the data protection lead: Provide proactive support to the Data Protection Lead to manage compliance, identify risks, and deliver strategic objectives. Identify, assess and manage data protection risks, ensuring that risks are appropriately escalated to the Data Protection Lead and GOV.UK One Login Senior Management

Person specification

1. data protection expertise: Strong understanding of data protection law (eg UK GDPR, DPA 2018). Hold a relevant privacy qualification such as IAPP (CIPP/E, CIPM) or PDP, with experience of delivering data protection within fast paced organisations
2. working in a digitally driven environment: Experience at delivering data protection compliance within complex digital projects with the ability to enable the use of innovative techniques such as processing of biometric data, use of AI etc   
3. data protection risk management: Extensive experience of delivering Data Protection Impact Assessments which enable delivery and mitigate risks through pragmatic solutions. Ability to proactively identify risks and opportunities for improvement
4. workload management and prioritisation: Proven experience in managing multiple complex tasks simultaneously, prioritising workload and meeting challenging deadlines in a fast paced environment. Ability to work under pressure and adjust priorities where necessary 
5. communication and stakeholder management: Proven experience of using excellent verbal and written communication skills to build strong relationships and influence data protection practices. Skilled in translating data protection requirements into clear, practical advice 
6. teamwork: Strong experience of working as part of a team, collaborating effectively with colleagues to achieve collective goals and enhance team performance

Benefits

The benefits of working at GDS

There are many benefits of working at GDS, including:

• flexible hybrid working with flexi-time and the option to work part-time or condensed hours
• a Civil Service Pension with an employer contribution of 28.97%
• 25 days of annual leave, increasing by a day each year up to a maximum of 30 days
• an extra day off for The King’s birthday
• an in-year bonus scheme to recognise high performance
• career progression and coaching, including a training budget for personal development
• paid volunteering leave
• a focus on wellbeing with access to an employee assistance programme
• job satisfaction from making government services easier to use and more inclusive for people across the UK
• advances on pay, including for travel season tickets
• death in service benefits
• cycle to work scheme and facilities
• access to children's holiday play schemes across different locations in central London
• access to an employee discounts scheme
• 10 learning days per year
• volunteering opportunities (5 special leave days per year)
• access to a suite of learning activities through Civil Service learning

GDS offers hybrid working for all employees. This means that everyone does some working from home and also spends some time in their local office. You’ll agree to your hybrid working arrangement with your line manager in line with your preferences and business needs.

Any move to Government Digital Service from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

Things you need to know

Selection process details

The standard selection process for roles at GDS consists of:

• a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “person specification” section above
• a 60 minute video interview

Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.

In the event we receive a high volume of applications, we will conduct the initial sift against the lead criteria which is: 

Data Protection Expertise: Strong understanding of data protection law (eg UK GDPR, DPA 2018). Hold a relevant privacy qualification such as IAPP (CIPP/E, CIPM) or PDP, with experience of delivering data protection within fast paced organisations.

While we value the use of AI technology to enhance our daily work, we also value the personal touch and urge applicants to write cover letters without the use of AI to emphasise their own unique experiences.

In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.

For this role we’ll be assessing you against the following Civil Service Behaviours:

• working together
• changing and improving
• making effective decisions
• communicating and influencing
• delivering at pace

Recruitment Timeline:

In order to assist candidates with this role, we will be holding a virtual recruitment event on 19/12/2024 at 12:00 - 13:00 to go through the role in more detail. If you are interested in joining this event please e-mail: gds-recruitment@digital.cabinet-office.gov.uk and a member of the team will send you an invitation to the event.

Sift completion: 06/01/2025

Panel interviews: 20/01/2025

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.

A reserve list will be held for a period of 12 months, from which further appointments can be made.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

Other information: Occasionally, business pressures, priorities or critical delivery may mean that we move you into a different team or work area within GDS. This will always be within the same grade and discipline within which you were hired, but does mean that your focus or objectives may shift in order to deliver GDS business.

You may be aware that there are plans for the Government Digital Service (GDS) & the Central Digital & Data Office (CDDO) to move into the Department of Science, Innovation & Technology (DSIT). This move is to bring together the digital transformation of public services into one core department. The move itself will offer huge opportunities whilst allowing DSIT to lead the way and drive forward the new Government's digital agenda. 

As the announcement is relatively new, we are awaiting more detailed information. Therefore, we encourage you to apply for this role, and will keep you informed with updated information throughout the application process.

Feedback will only be provided if you attend an interview or assessment.