At WHSmith our people are at the heart of everything we do. They are the ones that go the extra mile for our customers. The ones that enable our growth.
The Data Manager plays a key role in shaping and strengthening the organisation’s data management and protection capabilities across a global retail business. Working closely with the Data Protection Officer and Information Security leadership, the role enables the safe, compliant, and effective use of data to support growth, innovation, and customer trust.
This role provides the opportunity to bring greater coherence and clarity to data security across a global organisation, enabling teams in different regions to work confidently within a shared, well‑understood framework while continuing to meet local regulatory and operational requirements. A key part of this is using modern data privacy and security capabilities to increase visibility, support better decision‑making, and reduce the risk of unintended data exposure.
This is a hands‑on manager role with global reach, operating at the intersection of data governance, data security, privacy, and business enablement, with a clear pathway to expanded accountability and influence over time.
What you will be doing:
- Shape and deliver a cohesive Data Management and Data Security strategy that aligns with business priorities and risk appetite.
- Enable teams across regions to confidently access, understand, and apply data policies, making secure and compliant behaviour the natural way of working.
- Establish globally consistent approaches to data security, providing clarity and confidence for regional teams through clear guidance and proportionate controls.
- Support a reduction in data leakage and inappropriate exposure risk through improved governance, visibility, and informed use of supporting capabilities.
- Grow organisational understanding of the value of data, enabling its responsibility, effective, and innovative use.
- Establish and maintain a clear, practical global data governance framework across the full data lifecycle.
- Develop clear, user‑centred data management and data security policies that reflect how teams operate across regions.
- Drive consistency in global data practices while enabling appropriate local flexibility.
- Support adoption of policies through engagement, training, and collaboration with Data Sponsors.
- Ensure effective and proportionate retention, archiving, and lifecycle‑management practices.
- Act as a trusted partner on data protection matters, working closely with the DPO to support DPIAs and data‑related change.
- Own and mature privacy‑related operational processes.
- Enable transparent and constructive engagement with regulatory bodies as required.
- Work with internal teams and approved vendors to ensure privacy and security tools remain effective and fit for purpose.
- Use data discovery, classification, and privacy‑scanning capabilities to improve visibility of sensitive data and inform data‑handling decisions.
- Ensure supporting capabilities integrate smoothly with broader InfoSec and access‑control frameworks.
- Use insights from tooling to drive continuous improvement, remediation, policy refinement, and targeted training.
- Partner with Data Sponsors, Information Security, IT, Legal, Procurement, and Risk to embed strong, secure data practices into everyday operations.
- Promote least‑privilege access and secure‑handling principles across systems and regions.
- Support well‑governed third‑party and data‑sharing arrangements aligned with business needs.
- Support investigation and resolution of data incidents with a focus on learning and preventing recurrence.
- Identify themes and trends to drive maturity uplift and provide actionable reporting to senior leadership and governance forums.
What we are looking for:
- Experience with Data Governance, Policy & Organisational Enablement
- Understanding of Privacy, Compliance & Regulatory Support
- Increased organisational confidence in how data is identified, handled, and protected within a consistent global framework.
- Reduced risk of data leakage or inappropriate exposure through improved visibility and decision‑making.
- Strong, consistent capability to manage DSAR and RBF requests effectively.
- A clear and trusted understanding of what data is held across the organisation.
- Positive engagement and feedback from Executives and Data Sponsors, supported by demonstrable outcomes.
How we reward our teams:
- Hybrid Working Model from home and in the office
- 4pm Friday Finish
- Flexible Working
- 25 Days holiday, plus your Birthday off, plus Bank Holidays with an opportunity to buy extra days holiday
- Family Friendly Leave
- Company Pension scheme
- Sharesave Scheme
- Annual Bonus based on company and personal performance
- Competitive Salary and Car Allowance
- Private Medical
- Staff Discount Card for stores and online
At WHSmith, we’re all about creating an inclusive and welcoming workplace where everyone can be themselves and do their best. No matter your background, age, disability, gender, gender expression, gender identity, race or ethnicity, marital status, religion, sex, sexual orientation or anything else that makes you, you—you’re welcome here.
#J-18808-Ljbffr…