In House Data Protection Lawyer

  • Job Reference: 68063
  • Date Posted: 2 October 2018
  • Recruiter: Lipson Lloyd-Jones
  • Location: London
  • Salary: On Application
  • Bonus/Benefits: £Competitive
  • Sector: Commercial Contracts, Data Protection, Intellectual Property, In House
  • Job Type: Permanent
  • Work Hours: Full Time

Job Description


A leading international, full-service law firm.


The firm is now seeking a lawyer to work in-house, to sit in the Risk Management/General Counsel team based in London.

The team comprises in-house Legal Counsel, Risk Managers and Risk Lawyers and Business Acceptance Analysts, supporting the UK business and a number of the firm's international offices.

In conjunction with the firm's Director of Risk, Risk Lawyer and IT Security team, the focus of the role is to develop and manage the firm's data protection compliance, privacy and cyber security.

As well as continuing to develop the firm's Data Protection Compliance Programme created in response to the General Data Protection Regulation, it will involve managing and responding to cyber security risks, responding to information security client audits, managing subject access requests and reviewing data protection clauses in client terms and supplier contracts.

The role will also involve assisting the General Counsel with the review of commercial contracts entered into by the firm.

Responsibilities will include:

Assisting the Director of Risk in developing the information security and privacy strategy for the firm.

Continuing with the development of the data protection compliance programme in compliance with the General Data Protection Regulation.

Maintaining data protection policies and procedures, including the data breach policy.

Liaising with data protection experts in the firm's international offices, to ensure firm-wide compliance.

Providing advice and input on projects, from a data protection compliance perspective.

Working with the IT and IT Security team to assess cyber and information security risks for the firm and developing appropriate awareness and training programmes.

Carrying out privacy impact assessments on all systems processing personal data from time-to-time.

Monitoring and reviewing the firm's ICO registrations; dealing with the Information Commissioner on data breach investigations.

Working with the IT Security team in reviewing and responding to client cyber and information security audits.

From time to time, assisting the General Counsel with the review of commercial contracts affecting the firm.


A full understanding of the applicable regulatory framework.

Ability to design and implement data protection compliance programmes at a senior level.

Experience of information security standards such as ISO 27001

Experience in dealing with data security breaches, managing investigations and dealing with the regulator.

Lipson Lloyd Jones Ltd is acting as an Employment Agency in relation to this vacancy. Please note our advertisements use PQE levels purely as a guide to the minimum level of experience required. However we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfill this kind of work.