12 Month Fixed Term Contract

Collinson is the global, privately-owned company dedicated to helping the world to travel with ease and confidence. The group offers a unique blend of industry and sector specialists who together provide market-leading airport experiences, loyalty and customer engagement, and insurance solutions for over 400 million consumers.

Collinson is the operator of Priority Pass, the world’s original and leading airport experiences programme. Travellers can access a network of 1,500+ lounges and travel experiences, including dining, retail, sleep and spa, in over 650 airports in 148 countries, helping to elevate the journey into something special. We work with the world’s leading payment networks, over 1,400 banks, 90 airlines and 20 hotel groups worldwide.

We have been bringing innovation to the market since inception – from launching the first independent global VIP lounge access Programme, Priority Pass to being the first to sell direct travel insurance in the UK through Columbus Direct and creating the first loyalty agency of its kind in the travel sector with ICLP. Today we still invest heavily in innovation to ensure that we continue to deliver superior customer experiences.

Key clients include Mastercard, American Express, Cathay Pacific, British Airways, LATAM, Flying Blue, Accor, EasyJet, HSBC, Chase, HDFC.

Our mission is focused on doing good beyond profit, which for us means we seek out opportunities for our people to share in our success and that we give back to the communities and people within which we work.

Never short of ambition, the success of our business is delivered through the diverse and talented team of over 2,200 global colleagues.

Purpose of the job

We have an exciting new role opportunity within Risk and Compliance for a Data Protection Governance Specialist. This role will be instrumental in supporting the development, maintenance and enhancement of Collinson’s data protection compliance framework. Working as part of the Data Protection team, the role will focus on ensuring data protection policies, procedures, guidance documents, templates and governance materials are accurate, consistent, practical and aligned with applicable legal and regulatory requirements. The role will help strengthen accountability, improve framework maturity and support the business in applying data protection requirements in a clear, proportionate and risk-based way.

Key Responsibilities

· Support the maintenance and enhancement of Collinson’s data protection compliance framework, ensuring policies, standards, procedures and guidance remain accurate, practical and aligned to applicable data protection laws.

· Review, update and develop data protection policies, process documents, templates, playbooks, checklists and internal guidance materials.

· Work with the Group DPO and wider Data Protection team to improve the structure, consistency and accessibility of core data protection documentation.

· Support the embedding of data protection governance processes across the business, including clear ownership, escalation routes, approval flows and evidence of compliance.

· Assist with the implementation and ongoing improvement of the organisation’s data protection accountability framework, including alignment with recognised regulatory expectations such as the ICO Accountability Framework.

· Help maintain key data protection governance records, including policy registers, control trackers, action logs, compliance evidence and framework maturity assessments.

· Support the development of practical guidance for business stakeholders on topics such as lawful basis, transparency, retention, international transfers, DPIAs, process management, records of processing and data protection by design and by default.

· Assist in identifying gaps, inconsistencies, or outdated materials within the existing data protection framework and propose proportionate improvements.

· Work with stakeholders across various business functions to gather information and support the implementation of framework improvements.

· Support the preparation of data protection reporting materials, including progress updates, risk summaries, action plans and governance dashboards.

· Contribute to the development and refresh of data protection training and awareness materials, ensuring they reflect current policies, processes and regulatory expectations.

· Assist with the rollout and communication of updated data protection policies, procedures and guidance to relevant business areas.

· Support readiness activities for audits, assurance reviews and regulatory accountability requirements by helping collate documentation and evidence of compliance.

· Monitor and help document changes in internal processes, business activities or regulatory expectations that may require updates to the data protection framework.

· Promote a pragmatic, risk-based approach to data protection governance, ensuring documentation and processes are clear, usable and proportionate for the business.

Knowledge, skills, and experience required

· Hold accredited qualifications in information governance, records management and/or data protection (BCS/CIPP), or equivalent gained in relevant experience.

· Expert knowledge of data protection and applicable legislation across multiple jurisdictions, information security controls and compliance management.

· Proven experience in advising and/or implementing data protection compliance programmes in complex environments.

· Able to explain data protection risks clearly and in non-technical language to the business and how they apply.

· Proven project management skills with a focus on delivery and results.

· A thorough understanding of best practice in risk management and compliance frameworks.

· Ability to interpret information, identify risk and provide feedback in a clear and concise manner.

· Attention to detail and able to interpret information, make sound decisions and take ownership of issues to resolution.

· Excellent interpersonal and communication skills, both written and oral.

· Organized, time management skills and an ability to work under pressure and flexibly to meet business deadlines.

· Experience of using tools and technology to train, communicate and improve risk culture and demonstrable experience in developing simple, effective and easy to adopt policies.

· Solid understanding of regulations, industry standards, and leading Industry practices

Collinson is an equal opportunity employer and welcomes differences in all their forms including: colour, race, ethnicity, gender identity, sexual orientation, neurodivergence, family status, age, individuals with disabilities and people from all backgrounds, cultures and experiences as we strongly believe this contributes to our on-going success.

We are focused on continually evolving our purpose driven, high performing culture, providing an environment where our people have the opportunity to achieve their full potential and do interesting and meaningful work. Our company values are: Take Action, Do the right thing, One team and Be insight led. These help guide everything we do internally in terms of how we think, act and interact, right through to how we deliver value to our customers and clients.

In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc).

If you need any extra support throughout the interview process, then please email us at ukrecruitment@collinsongroup.com