Privacy By Design Manager

• Privacy transformation (process ownership, improvement & simplification): Lead and own simplification and redesign of global privacy processes (e.g., DPIA, LIA, TIA and ROPA) and the supporting templates, playbooks and guidance, applying project/programme management discipline (scope, plan, milestones, and stakeholder governance) to drive delivery and adoption
• Operating model, decision thresholds & demand management: Lead and own the operating model for privacy engagement, including entry/exit criteria, proportionate decision thresholds and demand triage
• Support Responsible AI (RAI) processes: Lead and contribute to RAI process workstreams to improve and embed AI risk assessment processes into day-to-day delivery
• Automation & tooling: Lead delivery of privacy automation and tooling improvements
• work with Technology, Cyber Security and tool owners to embed privacy logic into enterprise workflows (e.g. OneTrust)
• Metrics, insights & reporting: Lead operational metrics, dashboards and reporting to track demand, cycle times, completion, incidents and risk trends for management reporting
• Audit actions, controls & quality: Partner with internal audit and own closure of audit actions, including root cause analysis and sustained remediation
• Stakeholder enablement & culture: Lead enablement to embed privacy by design ways of working, including training and awareness
• Market engagement: Lead engagement with local market privacy contacts to align delivery of global privacy and AI risk assessments
• Supplier compliance & scalable enablement: Lead scalable supplier enablement, embedding privacy and responsible AI requirements into supplier governance through standards, templates and guidance
• Privacy and RAI Operational Support: Provide operational support to the Privacy by Design team

• Strong experience in privacy, with proven ability to lead process improvement or transformation initiatives and drive adoption across a matrix organisation
• Strong understanding of relevant legislation including the GDPR, ePrivacy Directive and related regulatory expectations, with the ability to translate requirements into practical, scalable and proportionate processes
• Hands-on experience conducting and assuring privacy assessments (e.g., DPIAs, LIAs, TIAs) and maintaining core privacy records (e.g., ROPA), ideally using workflow tooling such as OneTrust
• Metrics driven mindset: ability to define KPIs, analyse operational data (e.g., volumes, cycle time, risk trends) and produce management ready reporting to drive continuous improvement
• Tooling and automation awareness (e.g., privacy tooling and workflow platforms), with the ability to identify and implement opportunities to standardise and automate low-risk or repeatable activities (OneTrust and Jira experience is advantageous)
• Excellent organisation skills, able to handle multiple requests with differing priorities and stakeholders
• Excellent command of English, and excellent interpersonal, oral and written communication and public speaking skills
• Comfortable working in a matrix organisation with tolerance for ambiguity. Persistence to drive change over time
• Courage to ‘stand up and be counted’ even when view is unpopular at a more senior level
• Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner with different audiences
• Privacy accreditation such as the CIPP/E, CIPM or CIPT

OneTrust and Jira experience is advantageous

• Yearly bonus: 10%
• Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
• Charity days: 5 days/year
• Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
• Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
• Access to: private medical, private dental, free health assessments, share save scheme
• Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan