Data Protection Officer

Group Data Protection Officer (DPO)

Sovereign AI | Taylor Root (Retained Search)

Exclusive Recruiter: Tom Woods

Sovereign AI is a UK‐based AI infrastructure and solutions provider building the next generation of sovereign‐grade AI data centres across EMEA.

We operate where AI, cloud and critical infrastructure intersect, enabling commercial and government customers to deploy advanced AI with confidence in environments where performance, reliability, and compliance are non‐negotiable. Sectors include Government, Defence and Healthcare, where data sovereignty, privacy and trust are foundational.

As the business continues to scale, we’re hiring a Group Data Protection Officer to lead a modern privacy programme across AI infrastructure, cloud platforms, and data centre operations embedding trust into the technology stack while enabling responsible innovation.

It’s for a builder who thrives in fast‐moving environments comfortable translating complex regulation into clear, pragmatic guidance and standing up frameworks that scale, while working at start-up pace.

This role will be 3 days a week in the Central London office (Fenchurch Street being the closest station).

It is a role for someone commercially minded, decisive, and motivated to partner closely with Engineering, Infrastructure, Security, IT, and Commercial.

The role reports to the Group General Counsel.

The opportunity

You’ll own the enterprise‐wide privacy framework, provide independent oversight of UK GDPR and general oversight of global privacy compliance, and help shape how Sovereign AI delivers responsible AI for regulated and sovereign environments. You’ll have the authority to escalate material risks and engage directly with senior leadership and regulators.

What you’ll be doing

• Leadership & governance — Own and oversee the group data protection framework across AI platforms and data centre operations.
• AI & data governance — Advise on privacy in model development, training data and inference systems, aligned to emerging AI regulatory expectations.
• Privacy by design — Embed by‐design/default principles into architecture and product lifecycles.
• DPIAs & high‐risk processing — Lead assessments for large‐scale, sensitive or novel processing in sovereign/regulated contexts.
• Sovereign data & localisation — Guide data residency, cross‐border transfers and EMEA sovereignty requirements.
• Regulatory engagement — Act as primary contact for regulators (e.g., ICO); manage audits and investigations.
• Incident & breach management — Oversee assessment, notification obligations and remediation.
• Data subject rights at scale — Ensure robust DSAR processes across complex infrastructure environments.
• Third‐party & ecosystem risk — Strengthen due diligence and contractual controls across vendors, partners and customers (including hyperscale/infrastructure relationships).
• Training & culture — Drive awareness and accountability through training, policy and leadership engagement.

Process / how to apply

Taylor Root and Tom Woods have partnered with Soveriegn AI, and are the exclusive recruiter for this position, running the full process end‐to‐end. If you’re interested, want a quick steer on fit or compensation before applying please reach out directly: thomaswoods@taylorroot.com.