Are you passionate about data protection and want to use your expertise to make a real difference in a values-driven organisation? At Change Grow Live, we believe in the power of respect, compassion, and collaboration — and that applies to how we manage information as much as how we support people.
We’re looking for a Data Protection Advisor to join our team and play a pivotal role in protecting personal data, managing risk, and supporting best practices across our national services.
This is more than just a compliance role — it’s an opportunity to contribute to the ethical and secure handling of information that supports some of the most important work in health and social care.
As a Data Protection Advisor, you’ll be leading on key data protection initiatives, including the management of Subject Access Requests (SARs), data protection impact assessments, and record retention processes. You’ll work closely with colleagues across People Services, IT, Operations, and external providers to ensure we meet regulatory requirements while supporting the day-to-day needs of our organisation.
Full Time Hours: 37.5 | Permanent | Hybrid working
Location: Flexible with national travel as required
Full Time Salary: £42,076.87 to £44,471.72 (Dependent on Experience)
* please note: Full-time hours at Change Grow Live are 37.5 hours per week. For part-time roles, the salary and payments will be pro rata based on contracted hours.
Oversee and manage the SAR process, including working with third-party providers to ensure timely responses.
Develop and update SAR guidance and processes in line with evolving legislation and best practice.
Provide expert advice and practical support on data protection matters across the organisation.
Lead on reviewing and advising on Data Protection Impact Assessments (DPIAs).
Support the maintenance of our Record of Processing Activities (ROPA) in collaboration with our national data protection and information security teams.
Manage shared inboxes related to SARs, DPIAs, and general data protection queries.
Escalate data protection risks and provide risk-based recommendations to senior colleagues.
Deliver training and build awareness of data protection responsibilities among non-specialist teams.
We’re looking for someone who combines technical knowledge with great people skills. You’ll be confident navigating data protection regulations, but equally comfortable explaining complex issues in a simple, practical way.
Strong knowledge of UK GDPR, DPA 2018, and PECR, with hands-on experience managing information rights requests (especially SARs).
Understanding of data privacy impact assessments, ROPA, risk management, and compliance frameworks.
Excellent communication skills — both written and verbal — with the ability to engage and influence a wide range of stakeholders.
Proven ability to manage competing priorities and adapt to a fast-paced environment.
Experience providing evidence-based, risk-balanced advice to senior managers.
Comfortable working autonomously and collaboratively across a national organisation.
Recognised qualifications in Data Protection (CIPP/E, PC.dp, BCS Practitioner Certificate, or equivalent).
Project management experience.
Work in a purpose-driven organisation that values integrity, collaboration, and continuous improvement.
Hybrid working with flexibility around location.
25 days annual leave (rising with service) + bank holidays, increasing annually for the first five years.
Access to wellness support, employee assistance programmes, and lifestyle discounts.
Ongoing professional development and opportunities for progression.
A friendly and supportive team culture where your expertise is valued.
If you’re looking for a role where your data protection expertise can make a meaningful impact, we’d love to hear from you.
Apply today and be part of a team that champions privacy, trust, and ethical practice in everything we do.
Software Powered by iCIMS
www.icims.com