- Governance and compliance
  - Maintain and implement Group data protection, records management, and information security policies and procedures.
  - Maintain records of processing (RoPA), retention schedules, and process maps; support international data transfer assessments.
  - Monitor and report on compliance; prepare findings and risk summaries for business leaders and Group stakeholders.
- Business partnering and assurance
  - Advise and train all India team members on Group policies, GDPR and records management; support DPIAs, LIAs, and vendor/privacy due diligence.
  - Plan and execute reviews/audits across all India teams; document non‑compliance and track remediation to closure.
  - Support integration activities post back office integration to embed Group standards consistently.
- Awareness and continuous improvement
  - Promote a strong data protection culture; support training, communications, and best‑practice sharing.
  - Keep current with regulatory changes; recommend updates to controls, templates, and guidance.
- Operations and incident management
  - Triage and coordinate data subject requests (e.g., access, erasure) and breach/incident notifications in line with policy and law.
  - Maintain SAR, incident, and breach registers; ensure timely, compliant responses and lessons learned.
Experience:
- This role would suit someone who is familiar with face-to-face customer interaction
- This role would suit someone who is looking to take their first step into a new role
- This role would suit someone who enjoys independent responsibilities and projects, whilst still working as part of a team
- You will need to have excellent communication skills and absolute fluency in English (written and spoken) – essential.
- Skilled in simplifying complex topics for non-specialists, strong cross-cultural communication and stakeholder management
- You need to have a positive can-do attitude, be confident and have an eagerness to learn
- You will need to be competent in all Microsoft packages, especially Teams, Excel & Outlook
Conduct Rules and Fitness & Propriety
All PIB employees are expected to conduct themselves with integrity and professionalism, placing the customer at the centre of all we do, which is central to our culture. You must adhere at all times to the FCA’s Conduct Rules set out below.
Individual Conduct Rules:
- You must act with integrity.
- You must act with due skill, care and diligence.
- You must be open and cooperative with the FCA, the PRA and other regulators.
- You must pay due regard to the interests of customers and treat them fairly.
- You must observe proper standards of market conduct.
Compliance with the FCA Conduct Rules is required at all times and will be evidenced through annual performance reviews.
Fitness & Propriety
You will be assessed on a regular basis in line with PIB’s requirements to ensure that you:
- Maintain your ‘fitness’ at an appropriate level to undertake the function you perform in a sound and prudent manner at all times. This relates to your experience, knowledge, skills and professional qualifications (where appropriate) and associated CPD.
- Maintain your ‘propriety’ at all times. This relates to good repute, honesty, integrity and financial soundness. This includes advising the firm of any changes in circumstances and conflicts of interest that could materially affect your fitness or propriety.
- Have undertaken or are undertaking all relevant training.

Compliance with Fitness & Propriety will be evidenced through PIB’s annual checks on Fitness & Propriety (e.g. financial soundness), through annual performance reviews and through completion of your Fitness & Propriety Declaration.
Person specification
Essential
Desirable
Experience
- Experience of obtaining, collating and analysing data from multiple sources.
- Experience of producing reports.
- Experience of managing own workload and handling multiple workstreams concurrently.
- Experience of establishing and maintaining positive working relationships.
- Experience of working in a data protection or compliance role.
- Experience of working in a review or audit role.
- Familiarity with information security systems and insurance trading platforms.
Knowledge
- Awareness of GDPR and national data protection laws.
- Must have 3 years’ experience working in Data Protection
- Knowledge of data processing operations in the Insurance sector.
- Professional certifications in data protection or information security such as CIPP/E or CISSO are desirable
Skills
- Excellent communication skills and absolute fluency in English both written and oral.
- Competent in use of Microsoft Office (Word, Excel, Outlook).
- Planning and organisational skills.
- Analytical skills, paying attention to detail.
- Can take responsibility for own workstreams and meet deadlines.
- Able to work independently and manage own workload.
- Able to work effectively in a team and as part of the wider Group.