Data Protection Officer

Company: Mishcon de Reya LLP
Apply for the Data Protection Officer
Location: Greater London
Job Description:

Job Summary

Mishcon de Reya is looking to recruit an experienced Data Protection Officer (DPO). The DPO will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the EU GDPR, the UK GDPR and other relevant legislation. The DPO will be responsible for advising on, and where required carrying out, staff training, data protection impact assessments, data transfer impact assessments, and internal audits.

Key Responsibilities

This role sits in the Risk & Compliance Department and will work closely with the firm’s fee earning Data Practice Group to develop and monitor policies and standards applicable to the business and in compliance with the EU GDPR, UK GDPR and other relevant legislation. Duties will include:

  • Implementing measures and a privacy governance framework to manage data use in compliance with the EU GDPR, UK GDPR and other relevant legislation, including developing methodologies for data collection which are compatible with our approach to excellent client service, advising on and assisting with data mapping and records of data processing, and vendor management reviews. The ownership of enterprise-wide data asset registers and broader data architecture remains with the Data Governance function.
  • Working with key internal stakeholders in the review of operations and projects and related data processing to ensure compliance with data privacy laws, and where necessary, advising on and monitoring data protection privacy impact assessments.
  • Reviewing vendor contracts (including relevant standard contractual clauses for international data transfers) and owning the privacy authorisation and assessment of third‑party processing activities, including oversight of privacy‑specific contractual controls (such as Article 28 clauses, SCCs and IDTAs), while working in partnership with Procurement.
  • Ensuring any filing/notification and fee requirements with the Information Commissioner and other supervisory authorities in the jurisdictions we operate are achieved.
  • Participating in the relevant internal data governance committees.
  • Managing and conducting ongoing reviews of our privacy governance framework and regular and ad hoc reporting on data privacy compliance within the organisation.
  • Monitoring changes to relevant privacy laws and making recommendations when appropriate.
  • Setting standards and reviewing policies and procedures globally that meet the requirements under the EU GDPR and UK GDPR and any localisation requirements in countries of operation.
  • Developing and delivering privacy training to various business functions and collaborating with appropriate internal teams to raise employee awareness of data privacy and security issues.
  • Developing strategies and initiatives to ensure engagement with key internal and external stakeholders.
  • Coordinating, conducting and monitoring data privacy audits.
  • Collaborating with internal teams to maintain records of all data assets and exports, and maintaining a personal data security incident management plan to ensure timely remediation of incidents impacting personal data including impact assessments, breach response, complaints, claims or notifications.
  • Providing privacy expertise into AI governance processes, including advising on data protection considerations within AI systems, automated decision‑making and emerging technologies as part of relevant DPIAs and risk assessments.
  • Working with internal stakeholders and team members to respond and advise on data subject rights requests, including data subject access requests (DSARs) and other requests from individuals. This includes meeting statutory DSAR response deadlines and fulfilling data breach notification obligations.
  • Working with designated privacy lawyers, subject matter experts or champions across the firm and, where necessary, outside legal advisers to help advise on data privacy law issues.
  • Ensuring accountability for core privacy operational outcomes, including timely completion of DPIAs, maintaining accuracy and completeness of Records of Processing Activities (RoPA).
  • Working in close partnership with the Data Governance Manager and Information Security to ensure alignment and a coordinated oversight with clear escalation routes and effective management of data‑related risks across functions.
  • Promoting effective work practices, working as a team member, and showing respect for co‑workers.

Skills/Experience

  • At least 3 – 5 years PQE / data privacy experience required.
  • Experience in EU and UK data privacy laws.
  • 3 years’ experience within compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
  • Experience in developing policy and compliance training.
  • Experience working in a regulated industry preferred.
  • Law degree or post‑graduate legal qualification required.
  • Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB, etc. (preferred) or willingness to achieve within a short period of joining.

Knowledge, Skills and Abilities

  • Strong knowledge of UK and European data privacy and data protection regulation, and a good understanding of other major privacy frameworks and evolving legislation worldwide.
  • Sufficient knowledge of information technology and data management systems required.
  • Well‑developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels of the firm.
  • Ability to work unsupervised, exercise leadership and influence change.
  • Excellent writing and presentation skills.
  • Strong change and project management skills, including the ability to manage time well, prioritise effectively and handle multiple deadlines.
  • Ability to undertake large, long‑term projects, develop alternative methods to complete them and implement solutions.
  • Ability to use independent judgement and discretion when making majority of decisions.
  • Detail‑oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
  • Ability to handle confidential and sensitive information with the appropriate discretion.

About

The Mishcon de Reya Group is an independent, international professional services business with law at its heart, employing over 1450 people with over 650 lawyers. It includes the law firm Mishcon de Reya LLP and a collection of leading consultancy businesses that complement the firm’s legal services.

Mishcon de Reya LLP is based in London, Oxford, Cambridge, Singapore and Hong Kong (through its association with Karas So LLP). The firm services an international community of clients and provides advice in situations where the constraints of geography often do not apply. Its work is cross‑border, multi‑jurisdictional and complex, spanning seven core practice areas: Corporate; Dispute Resolution; Employment; Impact; Innovation; Private; and Real Estate.

The Mishcon de Reya Group includes consultancy businesses MDR Discover, MDRi (in Hong Kong), MDR Mayfair (in London, Singapore and Dubai), MDR ONE and MDRx. The Group also includes MDR Lab, which invests in the most promising early‑stage legal tech companies as well as the Mishcon Academy, its in‑house place of learning and platform for thought leadership.

Earlier this year, the Group announced its first strategic acquisition in the alternative legal services market, flexible legal resourcing business Flex Legal. It also acquired a majority stake in Somos, a global group actions management business.

We strive to create a fully diverse and inclusive workplace where all our people are empowered to fulfil their potential. We are proud of our agile working culture and are always happy to talk flexible working.

Please note that this job profile is not an exhaustive list of duties but merely an outline of the key components of the role. You may be required by your line manager to take on additional responsibilities when requested.

#J-18808-Ljbffr…

Posted: April 4th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire

Latest Job Pages: