Data Protection Officer
MERITUS are recruiting for a Data Protection & AI Governance Business Partner to join a leading software organisation, supporting enterprise-wide privacy, compliance, and responsible AI initiatives across a diverse portfolio of technology products and services.
DATA PROTECTION & AI GOVERNANCE BUSINESS PARTNER – REMOTE – 4-MONTH CONTRACT – INSIDE IR35 – UP TO £500 PER DA
Y
This role requires a CIPP/E-qualified Data Protection professional with 4-5 years' experience working within a software house, SaaS provider, or technology-led organisation in a similar Data Protection, Privacy, or AI Governance positio
n.
As a Data Protection & AI Governance Business Partner, you will play a key role in operationalising privacy and AI governance frameworks, delivering expert advisory services, and supporting responsible innovation across the business. Working within a specialist compliance team, you will partner closely with Product, Engineering, Technology, Operations, HR, Legal, and Security teams to ensure privacy and AI governance requirements are embedded throughout the organisati
on.
This is an excellent opportunity for an experienced privacy professional with a strong background in GDPR compliance, supplier assurance, privacy impact assessments, and emerging AI governance practices within a software development environm
ent.
Key Responsibili
- ties:Lead supplier assurance reviews for AI systems and data protection matters, assessing contractual and technical controls and approving supplier assurance outcomes within delegated authority le
- vels.Work with stakeholders across the business to identify and remediate gaps within Article 30 Records of Processing Activities (R
- oPA).Lead and facilitate Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), and AI Impact Assessm
- ents.Review privacy and AI risks, recommending practical mitigations and assessing readiness for implementa
- tion.Act as a trusted advisor to business stakeholders, providing pragmatic guidance on UK GDPR, Data Protection Act 2018, PECR, ISO 27701, AI governance principles, and internal compliance framew
- orks.Support the implementation and continuous improvement of privacy and AI governance controls across products, services, and business proce
- sses.Collaborate with Product, Engineering, and Technology teams to ensure privacy-by-design and responsible AI principles are embedded into solut
- ions.Support compliance projects and governance initiatives as required by the Data Protection Officer and Head of Data Protection & AI Govern
- ance.Contribute to risk management activities, governance reporting, and wider compliance object
ives.
Skills & Exper
- ience:CIPP/E certification is esse
- ntial.4-5 years' experience working in a similar Data Protection, Privacy, or AI Governance role within a software house, SaaS provider, or technology organis
- ation.Strong working knowledge of UK GDPR, Data Protection Act 2018, PECR, and privacy governance frame
- works.Proven experience conducting DPIAs, LIAs, supplier due diligence reviews, and privacy risk assess
- ments.Experience supporting privacy governance frameworks such as ISO
- 27701.Working knowledge of AI governance principles, responsible AI frameworks, and AI risk assessment methodol
- ogies.Strong stakeholder management skills with the ability to influence both technical and non-technical audi
- ences.Demonstrable experience operationalising governance frameworks and driving compliance adoption across business func
- tions.Strong analytical and problem-solving skills with a pragmatic approach to risk manag
ement.
Des
- irable:CIPM certifi
- cation.CIPT qualifi
- cation.Experience with AI/ML governance frameworks, NIST AI Risk Management Framework, or equivalent AI governance sta