Data Protection & Compliance, GRC Senior Manager

Location: Leeds/DublinHybrid: 2 days per week (Dublin only) with occasional travel

What You’ll Do

• Establish and maintain data protection framework, policies, procedures and related documentation;
• Work with colleagues in other geographical locations to enable the development of global standards, knowledge transfer, and guidelines;
• Coordinate assurance activities across the three lines of defense, including internal audit, compliance testing, and external reviews, as required;
• Develop assurance reporting that provides clear insight into control efficiency, risk trends, and systemic weaknesses;
• Define and maintain control framework, mapping regulatory requirements;
• Coordinate control design efficiency reviews and operating effectiveness testing;
• Implement and mature the data protection risk management framework, aligned to Flutter’s Risk Management framework; assess risks across the Division and escalating and reporting as required;
• Horizon‑scan regulatory developments and assess impacts on the risk and control environment;
• Coordinate and be responsible for the data protection programme and projects;
• Establish and maintain data protection KRIs, control metrics, and assurance dashboards;
• Proactively resolve ad‑hoc queries related to complex analysis, acting as a proactive subject‑matter expert;
• Develop materials, own the rollout of training and awareness initiatives;
• Establish and maintain positive relationships with key partners across the Division;
• Line‑manage a team of two and act as a point of escalation on all data protection matters for junior members.

How You’ll Do It

• Have extensive experience operating a second‑line risk and assurance role within a GRC or risk management function;
• Possess a strong understanding of risk assessment methodologies and control testing;
• Hold industry‑recognised qualifications in data protection (CIPP/e, CIPM and/or CIPT through the International Association of Privacy Professionals (IAPP));
• Graduate (degree, master or equivalent) in Law, Business or a similar field;
• Demonstrate excellent validated knowledge of data protection and e‑privacy law in Ireland, UK and Europe;
• Have previous experience leading and mentoring teams;
• Be experienced in working with and running operations through data protection software platforms and possess strong MS Office skills, particularly Excel, SharePoint and PowerPoint;
• Be confident working cross‑functionally with all levels of management, both internally and externally.

What We’ll Offer You

• £1,000 learning fund;
• Twice‑yearly bonus (with part of it guaranteed);
• Pension contribution scheme;
• Private healthcare;
• Flexible ways of working – home or office, it’s your choice;
• Access to thousands of Udemy courses;
• Investment via the Company Sharesave Scheme;
• 16 hours paid volunteering time per year.

#J-18808-Ljbffr…