Reed

GRC Analyst - Data Protection and GDPR

Hays Specialist Recruitment Limited

B31JP

£45,000 – £50,000

17 days ago

hybrid

Skills & Technologies

CGDPRPCI DSSCompTIAComplianceRegulatoryRecruitmentData ProtectionCommunication SkillsVerbal CommunicationDocumentationAttention to DetailInformation Security

Job Description

GRC Analyst - Data Protection & GDPR

Fixed Term Contract, 12 months - £45k - £50k

Location: Hybrid - Birmingham

Your new company

I am looking to recruit a GRC Analyst, focusing on Data Protection and GDPR, to join a leader in the hospitality space, with the role focusing on GRC activities, with a strong focus on information security, privacy, and regulatory assurance across the organisation.

The role responsibilities

This role focusses on data protection assurance and GDPR compliance, ensuring personal data is processed lawfully, and in line with regulatory and organisational requirements. Key parts of the role:

Reviewing how personal data is used across systems, business processes, and technology solutions.

Identifying opportunities to reduce, anonymise, or eliminate personal data processing where it is not essential to business needs.

Support the review, development, and rollout of information security and data protection policies.

Contribute to the management of information security, third party, and privacy risk registers.

Assist with internal and external audits, including GDPR assurance, PCI DSS, and financial audits.

Track remediation of identified security, privacy, and compliance issues to ensure timely closure.

Support incident and breach response activities, including investigation, documentation, and follow-up actions.

You will need

Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements.

Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role.

Ability to interpret and assess technical and organisational controls.

Strong analytical skills with excellent attention to detail.

Confident written and verbal communication skills, able to engage across legal, technical, and operational teams.

Experience contributing to incident or breach investigations.

Ability to manage multiple competing priorities and constructively challenge established processes.

Minimum 3 years' experience in a relevant role.

CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection, desirable.

What you'll get in return

Salary of between £45k-£50k

Hybrid working

Company discounts

A pension contribution matched at 1.5x, up to 5%.

Private healthcare, dental plan, cycle to work, and keep-fit schemes.

26 days annual leave plus bank holidays.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Company & Role Analysis

JobSeeker+

Likely perks

Private MedicalPension25+ Days HolidayStock OptionsLearning BudgetFlexible Hours

Culture & working style

Neutral 2–4 sentence summary of what working at this company is like, drawn from public reviews and press coverage. Tone, collaboration style, pace, benefits highlights.

Unlock the full analysis for this job