Head of Data Compliance

About Us

Roke is a world‑class engineering and technology company, with a trusted and long‑standing record of delivery spanning research & development, products, managed‑services and consultancy, serving customers across the globe. The markets Roke operates in are broad, but they are frequently cross‑cutting at engineering and delivery levels. Markets include Defence, National Security, Intelligence sectors with diversity being at the centre of Roke’s strategy.

Joining a team united by purpose and ambition, you’ll be at the heart of an exciting growth journey. At Roke, every individual counts. We push past technical boundaries together. We re‑invest in product innovation, and we empower our people to make a difference.

This is a senior role where you will take the lead on all data protection, GDPR compliance and wider data compliance issues, as well as data risk matters. The role has arisen due to the incumbent retiring from the Company. You will report directly to the General Counsel.

We welcome applications from those who come from a different industry to ours and from both public or private sector organisations; we understand that diversity of thought brings its own benefits to Roke and a fresh perspective on how we do things. This role may be a level transfer from someone who wishes to take on a new challenge or a promotion for someone who wishes to progress to the next level in their career.

Lastly, we understand that different people have different skills and experiences and therefore you might not be able to meet every responsibility or have the necessary experience listed below. However, we appreciate that you will bring other skills and experiences to us and would therefore encourage you to apply. You have nothing to lose!

• Proven leadership experience in data protection and privacy.
• Ability to influence senior stakeholders and communicate effectively at all levels.
• Exceptional interpersonal skills and being able to build relationships both within the team and with stakeholders across the Company including Engineers, Project Managers, Finance, HR, Supply and Commercial teams.
• Strong written and verbal communication skills; the ability to write and articulate issues and risks clearly and succinctly and relay these verbally.

• Act as the primary point of contact for data privacy matters across the business.
• Develop and implement strategies, policies and controls to ensure compliance with data protection legislation.
• Maintain statutory records, including Records of Processing Activities and Legitimate Interest Assessments.
• Respond to Data Subject Access Requests.
• Monitor regulatory developments and update internal policies accordingly.

• Ensure Privacy by Design principles are embedded in projects, including assisting with the preparing of Data Protection Impact Assessments (DPIAs).

• Lead investigations into suspected or actual data breaches, ensuring timely assessments, containment, documentation, root cause analysis and making recommendations to General Counsel on appropriate actions.
• Collaborate with the Security Team on information security to ensure robust data security measures.

• Review of data protection clauses in contracts, Data Processing Agreements and Standard Contractual Clauses.
• Work with the Supply and Commercial Teams to ensure compliance with data protection requirements.

• Deliver training on data compliance principles to all new employees.
• Develop and deliver training programs to embed data protection awareness across the Company.

• Define and track KPIs for data protection compliance.
• Plan and execute regular internal audits to identify and mitigate risks proactively.
• Assist General Counsel in engaging with relevant regulatory bodies including with the ICO when necessary.

• Working knowledge of utilising artificial intelligence within a technology business, measuring the associated risks and experience in leveraging its potential use as an enabler when used…