Data Protection Officer
JOIN US AND BE YOU
Who we are looking for
As a Data Protection Officer (DPO), you will play a pivotal role in enhancing and advancing our data protection and compliance capabilities. Your key responsibility will be to develop a deep understanding of our data processing activities, ensuring that our organisation remains compliant with UK GDPR, the Data Protection Act 2018, and other relevant regulations.
Through collaboration with key stakeholders, you will strengthen our data governance framework, improve privacy practices, and embed a culture of compliance across the organisation.
Key responsibilities will include:
- Ensure the Bank’s data processing activities comply with UK GDPR, Data Protection Act 2018, Financial Conduct Authority (FCA) guidelines, and Payment Services Regulations (PSR).
- Maintain and update the Bank’s Data Protection Policy, Privacy Notices, and Retention Schedules to align with regulatory requirements.
- Act as the primary contact for the Information Commissioner's Office (ICO) and oversee regulatory reporting for data breaches.
- Develop and implement the Bank’s data protection and privacy framework, ensuring integration into business processes.
- Conduct Data Protection Impact Assessments (DPIAs) for high-risk data processing activities, including payments, customer onboarding, and fraud monitoring.
- Identify and mitigate risks related to data integrity, confidentiality, and availability, especially within cloud-based financial services and third-party payment providers.
- Oversee third-party data protection risk assessments, ensuring vendors handling customer data comply with UK GDPR and ISO 27001.
- Establish and maintain a data breach response plan, ensuring timely identification, reporting, and mitigation of security incidents.
- Lead investigations into data breaches, assess their impact, and report qualifying breaches to the ICO within 72 hours as required by UK GDPR; work with IT Security and Risk teams to conduct root cause analysis and implement corrective measures.
- Design and deliver mandatory data protection training for employees, including awareness of phishing, social engineering, and insider threats.
- Ensure senior management and key business units understand their data protection responsibilities and implement best practices.
- Promote a culture of data privacy and security, ensuring that data protection principles are embedded in day-to-day banking operations.
- Manage Data Subject Access Requests (DSARs), ensuring customers can exercise their rights under UK GDPR (e.g., right to access, erasure, rectification, and data portability).
- Maintain a comprehensive Record of Processing Activities (RoPA) to document all personal data handling processes, including those related to payments, KYC, and fraud detection.
- Ensure data retention and deletion policies are adhered to, preventing unnecessary data storage risks.
- Conduct regular reviews and assessments to ensure compliance with internal policies and external regulatory standards.
- Identify control gaps, operational risks, and non-compliance issues, escalating findings to relevant stakeholders and contributing to remediation plans and the development of operational controls.
- Contribute to the development, review, and enhancement of operational policies and procedures to maintain compliance with regulatory and risk management requirements.
- Develop industry and technical expertise including assessing industry best practice and understanding new regulatory developments.
- Engage with stakeholders as required to gather, analyse, interpret and present information.
- Produce management information and reporting as required.
What you bring
- Analytical Excellence: Demonstrate the ability to simplify complexities and deliver exceptional outcomes through a comprehensive review process, identifying areas for improvement and implementing effective solutions.
- Rapid Learning: Adapt swiftly to evolving business dynamics, understanding and addressing process gaps as they emerge. Learn and integrate new product flows, establishing essential controls to bolster resilience capabilities.
- Proactive and Disciplined: Display self-discipline, proactiveness, and high energy in delivering high-quality results within challenging timelines.
- Effective Communication: Exhibit excellent communication skills and a positive, self-starting attitude that fosters an environment celebrating the unique talents, passions, and backgrounds of each team member.
- Self-awareness and Grit: Showcase self-awareness and resilience in your unique narrative, emphasising a keen learning agility, determination, and an eagerness for personal and professional growth.
- Organisational Leadership: Possess exceptional organisational skills, with the ability to lead and execute multiple projects simultaneously within tight timelines. Thrive in a hands-on, fast-paced environment characteristic of a young and dynamic firm.
Work location
- London (5 days per week in the office)
Travel to other locations may be required on occasion.
Diversity
The Bank of London is an equal opportunity employer committed to inclusion, diversity and belonging. All qualified applicants are welcome and will receive consideration for employment without regard to race, colour, age, religion or religious expression, sex, sexual orientation, gender or gender identity and expression, transgender, national origin, or military veteran status.
About Bank of London
A Safer Model for Business Banking - Bank of London operates a distinct business model. Unlike traditional banks, it does not lend, invest, or leverage deposits. Instead, all deposits are held in full at the Bank of England, ensuring they are always available on demand. This eliminates the risk of ‘bank runs,’ offering businesses a safer, more secure banking alternative.
Along with its safe deposit model, Bank of London offers a comprehensive suite of services, including:
- Deposit-as-a-Service (DaaS) - with all client funds held with the Bank of England.
- Embedded Banking – allowing clients to provide banking solutions to their customers.
- Clearing, Payments, and Settlement - real-time solutions for regulated institutions.
- Commercial Banking - payment and cash management tailored to business needs.
Innovation Powered by Proprietary Technology - Bank of London’s growth is driven by its proprietary technology and portfolio of patents. In collaboration with SAP Fioneer, the bank has developed a state-of-the-art platform for real-time clearing, payments, and settlement. These innovations support key services like Deposit-as-a-Service and Embedded Banking, positioning Bank of London as a leader in financial innovation.
We aim to deliver exceptional service to both internal and external customers. Guided by our core values of compassion, ownership, and curiosity, we ensure excellence in everything we do. In this role, you'll have the independence to make meaningful decisions, backed by comprehensive support to help us achieve outstanding results together.