Data Protection Advice Officer
Job summary
The Data Protection Advice Officer position is an exciting and multifaceted role that offers the chance to work with staff across UKHSA. You will work closely with the UKHSA's Data Protection Officer and Senior Data Protection Advisor to ensure personal information is processed in a manner that is lawful, proportionate and builds public trust.
Our work ranges from preparing for future health security threats, developing tools and insights on how to best protect against them, responding to health threats every day at local, national, and international level as well as building and investing in scientific and public health capabilities to protect the country's health now and in the future. We are in search of an individual with a sound knowledge of data protection rights and obligations under the UK General Data Protection Regulation and Data Protection Act and the ability to apply this knowledge, providing strong data protection advice in a-fast paced, technology rich environment.
Previous experience of advising on data protection matters is essential although this needn't have been in a government setting. Having worked in a regulatory, legal, or Cyber security environment is desirable but not a requirement.
Main duties of the job
- The Data Protection Advice Officer will lead work to review UKHSA's Data Protection Policy and any supporting standards and processes which support it.
- You will report to the Senior Data Protection Advisor (SEO) and work principally with them.
- You will also liaise with the UKHSA Data Protection Officer, teams in the Information Management and Privacy division, as well as other teams to identify key requirements and changes, taking forward the development and implementation of UKHSA Data Protection Policy, governance, assurance, and guidance throughout UKHSA.
- You will be responsible for the implementation of the Policy throughout UKHSA, leading on the review of legislative and policy requirements for assurance, engaging with other areas and key stakeholders to understand the business needs and the promotion of Data Protection Policy.
- The Data Protection Advice Officer will support the development and delivery of data protection training needs to support the Data Protection Security Toolkit (Training Committee, responsible for training and delivery), to co-ordinate the work of this group and support delivery of training requirements to meet data protection and Information Governance (IG) requirements as required under the UK GDPR and other training requirements of that framework.
About us
We pride ourselves as being an employer of choice, where Everyone Matters promoting equality of opportunity to actively encourage applications from everyone, including groups currently underrepresented in our workforce.
UKHSA ethos is to be an inclusive organisation for all our staff and stakeholders. To create, nurture and sustain an inclusive culture, where differences drive innovative solutions to meet the needs of our workforce and wider communities. We do this through celebrating and protecting differences by removing barriers and promoting equity and equality of opportunity for all.
Please visit our careers site for more information https://gov.uk/ukhsa/careers
Job description
Job responsibilities
Responsibilities will include
- ensure data protection initiatives or processing activities receive the data protection advice and comply with data protection law.
- support the development and delivery of key data protection activities including policy review and development, advising, and ensuring supporting activities align with lawful data protection and IG requirements, as required under the UK GDPR.
- ensure data protection advice is provided throughout the lifecycle of the activities and all relevant stakeholders are kept updated with progress, lessons learned and outputs.
- coordinate outcomes from key data protection activity and data protection initiatives including support to the delivery of the DSPT Training Committee, providing feedback to key stakeholders to implement identified solutions to overcome any shortfalls.
- develop network of SMEs across the Information Governance and Cyber functions within UKHSA, DHSC and the wider IG profession.
- Other activities as required by business need.
Essential criteria:
- a sound knowledge of data protection obligations under the UK GDPR legislation and Data Protection Act and ability to apply this knowledge and provide data protection advice inputting to the development of data protection guidance and policies.
- good experience of collaborating with stakeholders; evidence of good communication skills, including building good working relationships
- Good organisational skills and ability to prioritise work in a busy environment to meet work deadlines.
- good understanding of Information Governance, key data protection principals and how these are applied in a project or non-project environment.
- awareness of risk and processing risks within a data protection context
- ability to promote diversity, inclusion and equality of opportunity, respecting differences.
- experienced and competent in the use of MS Office applications (specifically Word, Excel and PowerPoint) and SharePoint.
- ability to interpret legal requirements from GDPR legislation, to analyse and apply to advice requirements.
Desirable criteria:
- Experience of working in a Regulatory, Legal or Cyber security environment.
Selection Process Details:
This vacancy is using Success Profiles and will assess your Behaviours
Stage 1: Application & Sift
Please note you will not be able to upload your CV. You must complete the application form in as much detail as possible. Please do not email us your CV.
You will be required to complete an application form. You will be assessed on the listed 8 essential criteria, and this will be in the form of a:
- Application form (Employer/ Activity history section on the application)
- 1250-word supporting statement.
This should outline how your skills, experience, and knowledge, provide evidence of your suitability for the role, with reference to the essential criteria.
The Application form and supporting statement will be marked together.
Longlisting: In the event of a large number of applications we will longlist into 3 piles of:
- Meets all essential criteria these will be taken through to shortlisting
- Meets some essential criteria
- Meets no essential criteria
Shortlisting: In the event of a large number of applications we will shortlist on a sound knowledge of data protection obligations under the UK GDPR legislation and Data Protection Act and ability to apply this knowledge and provide data protection advice inputting to the development of data protection guidance and policies.
Desirable criteria may be used in the event of a large number of applications/large amount of successful candidates
If you are successful at this stage, you will progress to interview & assessment
Please do not exceed 1250 words. We will not consider any words over and above this number.
Feedback will not be provided at this stage.
Stage 2: Interview (success profiles)
You will be invited to a single remote interview.
Behaviours will be tested at interview.
The Behaviours tested during the interview stage will be:
- Working Together
- Delivering at Pace
- Changing and Improving (lead behaviour)
- Communicating and Influencing
Interviews will be held week commencing 1st September 2025. Please note, these dates are subject to change.
Eligibility Criteria
External
Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants).
Security Clearance Level Requirement
Successful candidates must pass a disclosure and barring security check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is Basic Personnel Security Standard
Location
Hybrid any Core HQ
This role is being offered as hybrid working based at any of our Core HQs. We offer great flexible working opportunities at UKHSA and operate using a hybrid working model where business needs allow. This provides us with greater flexibility about how and where we work, to get the best from our workforce. As a hybrid worker, you will be expected to spend a minimum of 60% of your contractual working hours (approximately 3 days a week pro rata, (averaged over a month) working at one of UKHSA's core HQs (Birmingham, Leeds, Liverpool, and London).
Our core HQ offices are modern and newly refurbished with excellent city centre transport link and benefit from benefit from co-location with other government departments such as the Department for Health and Social Care (DHSC).
Person Specification
Application form and supporting statement
- Application form and supporting statement
Behaviours
- Changing and Improving (lead behaviour)
- Working Together
- Delivering at Pace
- Communicating and Influencing
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Certificate of Sponsorship
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants.
Employer details
Employer name
UK Health Security Agency
Address
London, Birmingham, Leeds or Liverpool
London
E144PU
Employer's website
https://www.gov.uk/government/organisations/uk-health-security-agency
- Company
- UK Health Security Agency
- Location
- London, United Kingdom E144PU
Hybrid / WFH Options - Employment Type
- Permanent
- Salary
- £31997.00 - £43552.00 a year
- Posted
- Company
- UK Health Security Agency
- Location
- London, United Kingdom E144PU
Hybrid / WFH Options - Employment Type
- Permanent
- Salary
- £31997.00 - £43552.00 a year
- Posted