Data Protection Manager

Data Protection & Compliance Manager | GDPR, PECR, CCPA/CPRA & Consent Frameworks

Greenfield Privacy Function Build | Digital Product, Marketing & Ad-Tech

• UK-Remote - (optional London office)
• £60k-£75k + Bonus

This is an opportunity to join the technology and product team of a globally trusted media brand that has recently expanded into the financial comparison space (think CompareTheMarket or MoneySupermarket ). The platform is live and growing quickly , particularly across the US market.

The organisation does not yet have a formal Privacy & Data Protection function.

This role exists to build it from the ground up — defining standards, frameworks, tooling and operational workflows from scratch.

You’ll work closely with Product, Engineering, Marketing, Analytics and Ad-Tech teams to ensure data practices are compliant, transparent and technically sound.

The Role

You’ll design, implement and own the Privacy & Data Protection framework across multiple regions, with a particular focus on consent management, cookie/tracking behaviour, email compliance and US/UK/EU regulatory differences .

Your day-to-day will include:

• Establish and own the Privacy & Data Protection framework across UK, EU and US regions.
• Run DPIAs, DSARs, incident response and vendor reviews end-to-end.
• Map and document data flows across product, analytics, martech and CRM systems.
• Manage and optimise cookie and consent behaviour , including regional consent logic and 1st/3rd party tracking.
• Configure and maintain Consent Management Platforms (e.g., OneTrust or similar).
• Ensure compliant email and marketing data practices (opt-in records, suppression lists, unsubscribe hygiene).
• Advise Product and Engineering teams to embed privacy-by-design in new features.
• Lead internal training and act as the primary privacy contact across the business.
• This is a hands-on operational role , not policy-only.

Non-Negotiables:

• Hands-on experience in a Privacy / Data Protection role within a digital or data-led organisation.
• Practical experience configuring cookie/consent tools (e.g., OneTrust, TrustArc, Cookiebot).
• Clear understanding of explicit vs implicit consent and opt-in vs opt-out models (GDPR/PECR vs CCPA/CPRA).
• Confident managing email marketing compliance and CRM consent records.
• Experience building or establishing privacy processes or frameworks — not just maintaining existing ones.
• Able to translate regulatory requirements into practical product and technical implementation .

Nice to Have

• Experience in comparison, fintech or other high-traffic consumer platforms.
• Exposure to ISO 27001 / SOC 2 environments.
• Experience collaborating with security, DevOps or product engineering teams.

Why join:

• Greenfield build : You’re defining the privacy foundation — not inheriting one.
• Ability to meaningfully influence product direction and customer experience .
• Practical, modern, real-world approach to privacy (no checkbox compliance).
• Highly collaborative culture with autonomy and ownership.

Employee Benefits

• 10% performance bonus
• 100% remote (UK-based) – optional London office
• Private health cover
• Unlimited holiday
• Generous corporate benefits package

Data Protection & Compliance Manager | GDPR, PECR, CCPA/CPRA & Consent Frameworks

Greenfield Privacy Function Build | Digital Product, Marketing & Ad-Tech