Risk Advisor - Data Protection

Bristol, Cardiff, Croydon, Liverpool, Salford, Newcastle
£33,080 - £40,911 + benefits
11 Jan 2022
25 Jan 2022
Contract Type


At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve.

We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you.

Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role.

This is an exciting opportunity to become involved in HMRC's ambitious initiative to ensure its comprehensive data holdings are processed in a way that is fully aligned with data protection laws. Joining HMRC's Chief Data Office (CDO) and supporting HMRC business objectives, as a Data Protection Risk Advisor, you will support the identification and understanding of data protection risks across HMRC.

HMRC has one of the largest customer bases and most complex IT estates in the UK. We run the biggest digital operation in Government, providing digital services for 45 million individuals and 4.9 million business customers.

We focus on our people, with clearly defined career pathways that are rewarding, fulfilling and achievable. We have flexible ways of working to help everyone handle their own work/life balance. And we're creating an authentically diverse and inclusive work environment where everyone feels able to bring their whole self to work.

Job description

You will be based in the Office of the Data Protection Officer, which is an independent office created in response to the implementation for the General Data Protection Regulation 2018 with a role to:

  • Support stakeholders with the identification and assessment of data protection risks.
  • Help to raise awareness of data protection risks and requirements.
  • Inform and advise the organisation and its employees on their obligations under UK GDPR.

You will work in a team of around 17 risk discovery professionals to drive forward the discovery, understanding and articulation of data protection risk across the department. This is a newly formed team and as such you will be breaking new ground and helping to shape the team.

You will play a key role in helping HMRC to identify data protection risks across the department's operations, from risks inherent to local business areas, to those subsisting within major change programmes and IT service provision.

You will be working alongside designated business areas to help them identify and build a better understanding of their data protection risks, as well as helping to increase awareness of data protection requirements across the department. Through the provision of advice and guidance, you will be a key advocate for improving and implementing GDPR compliance throughout HMRC.

As a Risk Advisor, you will be expected to become fully conversant with the principles of data protection legislation and be able to translate and confidently communicate that understanding to support your colleagues, the wider Department, and its Suppliers.

What will the ideal candidate look like?
You will be an excellent communicator, with the confidence to challenge senior colleagues. You will be keen to develop data protection knowledge and encourage best practice across HMRC

The duties/responsibilities listed above describe the post as it is at present and is not intended to be exhaustive. The Job Holder is expected to accept reasonable alterations and additional tasks of a similar level that may be necessary. Significant adjustments may require re-examination and shall be discussed in the first instance with the Job Holder.


  • Communication skills both orally and written.
  • Ability to influence stakeholders across various business areas and grades.
  • Ability to quickly analyse information and make robust judgements and recommendations.
  • A basic understanding and appreciation of data protection principles (further data protection training can be undertaken on the job).

Essential Criteria:

  • Excellent communication skills, both verbally and in writing.
  • Confidence and innovation in the way you communicate with a proven ability to engage with stakeholders and colleagues and across teams to deliver outcomes.
  • Experience of managing relationships with a large group of stakeholders including at senior levels with different needs and expectations.
  • A self-starter with the ability to operate and formulate plans in areas of ambiguity.
  • Good IT skills and aptitude in using Microsoft Office & O365 Tools.
  • A basic understanding and appreciation of data protection principles (further data protection training can be undertaken on the job).

Desirable criteria:

  • Experience / qualifications in Risk Management.
  • Experience / qualifications in data protection (or related disciplines).


  • Learning and development tailored to your role
  • An environment with flexible working options
  • A culture encouraging inclusion and diversity
  • A Civil Service pension

Team members that are moving offices as a result of the Locations Programme will be entitled to a Moves Adjustment Payment for three years where they incur additional costs. This is calculated based on the difference between the costs of travelling to and from the new and old office, over a weekly period. You will get more detail on this as part of targeted locations move communications.

Apply before 11:55 pm on Monday 24th January 2022


Similar jobs

Similar jobs