Head of Data Protection and Privacy

• Permanent Role
• Office or Flexible/Hybrid working for a better work/life balance
• We are proud to be a diverse employer, and we welcome candidates from all backgrounds

MAG

At MAG we provide the airport facilities and travel services that people need to connect with the world. As the largest UK owned airport operator, we serve over 60 million passengers a year from Manchester, London Stansted, and East Midlands Airports. With over 270 destinations across the globe, our businesses not only bring people together but also support the prosperity of the regions in which we operate. At MAG, we recognise creating a first-class journey for our customers starts by creating a first-class career journey for our colleagues and we are committed to building inclusive environments in which our people can thrive. You’ll also have access to some great benefits including:

• Bonus scheme
• 10% company contribution pension
• Car allowance
• Private medical scheme
• 25 days holiday plus bank holidays
• Free parking
• Subsidised public transport
• Huge range of company discounts
• 2 volunteering days per year
• Free Virtual GP service, available 24 hours a day, 7 days a week
• Care Concierge service

The Role

As Head of Data Protection and Privacy, you’ll play a critical role in ensuring regulatory compliance and best practice across GDPR, PECR, US state privacy laws, and ISO27001/ISO27701. Reporting directly to the Chief Information Security Officer (CISO), you’ll be responsible for driving the data protection strategy, managing regulatory relationships, and leading a team to embed a culture of privacy compliance across MAG and CAVU.

You’ll be the nominated Data Protection Officer (DPO) for MAG and CAVU, serving as the primary contact for the Information Commissioner’s Office (ICO) and other regulatory bodies. This is a senior leadership role requiring expertise in data protection, compliance, and risk management, alongside the ability to work across business functions to align priorities with key strategic objectives.

What will make you successful?

• You’ll have experience in data protection, compliance, or cybersecurity, with in-depth knowledge of GDPR, PECR, ISO27001, ISO27701, and US privacy laws.
• Strong regulatory and compliance leadership – Proven experience managing compliance programs, liaising with regulatory bodies, and handling notifiable incidents with the ICO.
• Strategic thinker and problem solver – Ability to define and implement a data protection strategy, ensuring alignment with business goals and continuous improvement in compliance activities.
• Risk management and governance – Experience developing and enforcing policies, risk management frameworks, and audit programs to support data privacy and information security objectives.
• Stakeholder management and communication – Ability to influence and advise senior leaders, legal teams, and internal audit functions while delivering training and awareness programs across the organisation.
• Team leadership and collaboration – Experience leading and developing high-performing teams, with a strong focus on fostering a culture of privacy awareness and compliance.
• Industry-recognised certifications – Ideally holding certifications such as CIPM, CIPP/E, CIPT, ISO27001 Lead Auditor/Implementor, CISM, or CISSP.

This is a fantastic opportunity to shape the future of data protection and privacy at MAG, ensuring compliance, risk management, and security remain at the heart of our operations.

Equal Opportunities & Reasonable Adjustments

At MAG we believe in the importance of diversity & inclusion for all. We are committed to creating a workforce that is reflective of our society. As such we welcome applications from candidates from all backgrounds.

We’re also committed to well-being with a focus on mental health and supporting colleagues from underrepresented groups through our Colleague Resource Groups.

As a Disability Confident employer, we are committed to creating an environment where candidates and employees can perform at their optimum. Please let us know if we can provide you with any reasonable adjustments to aid your application or interview process.

You can contact the team by emailing HR.Recruitment@MAGAirports.com

Our Colleague Resource Groups include: Women’s Network, Embrace – Race & Ethnicity Group, Fly With Pride (LGBTQIA+), Mental Health, Parent & Carers, Disabilities including neurodiversity.