• The Data Protection and Information Governance Manager will lead and develop Dudley Metropolitan Borough Council’s approach to information governance, ensuring compliance with national and European data protection legislation.

• This senior role within the Finance & Legal Directorate will provide expert professional advice on all matters relating to data protection, privacy, and information management, while shaping and delivering the Council’s Information Governance strategy.

• The post holder will work closely with senior management and elected members to drive high standards of compliance, risk management, and corporate assurance.

• Lead, develop and implement the Council’s Information Governance and Data Protection strategies, policies and procedures.

• Provide professional advice and guidance to senior management, elected members, and service areas on GDPR, UK GDPR, Data Protection Act 2018, and related legislation (including PECR).

• Act as the Council’s subject matter expert on all data protection and information governance matters.

• Manage data protection impact assessments (DPIAs), information risk assessments and incident management processes.

• Oversee the delivery of training and awareness programmes on data protection and information governance across the organisation.

• Monitor compliance with legal, statutory and policy requirements, producing reports and recommendations for improvement.

• Manage corporate information governance projects, ensuring that deadlines and quality standards are met.

• Provide assurance to the Corporate Information Governance Team (CIGT) and contribute to the wider transformation and digital innovation agenda.

• Ensure compliance with financial regulations, managing relevant budgets effectively to deliver best value.

• Substantial experience working with senior management on strategic and complex data protection or information governance issues.

• Proven track record in developing and managing corporate Information Governance frameworks and policies.

• Expert knowledge of GDPR, UK GDPR, Data Protection Act 2018, and PECR.

• Experience of implementing and managing data protection programmes within a large, public-facing organisation.

• Demonstrated ability to manage corporate projects and a varied work programme effectively.

• Strong understanding of information security principles and IT systems relevant to data management.

• Excellent communication skills – able to translate complex technical issues into plain language for diverse audiences.

• Experience of working with public sector stakeholders, including elected members.

• The closing date: 16/11/2025.

• Degree-level qualification (or equivalent experience) and relevant professional data protection certification (ISEB/BCS or equivalent).

• Commitment to Continuous Professional Development (CPD).

• Location: Dudley.

• Enhanced DBS is required.