Data Protection Lawyer


London, GB

Department or practice area:  Risk Management

Taylor Wessing


Taylor Wessing is a global law firm that serves the world's most innovative people and businesses. Deeply embedded within our sectors, we work closely together with our clients to crack complex problems, enabling ideas and aspirations to thrive. Together we challenge expectation and create extraordinary results. By shaping the conversation in our sectors, we enable our clients to unlock growth, protect innovation and accelerate ambition. 


With 1000+ lawyers, 300+ partners, 29 offices and 17 jurisdictions we are looking to expand our Risk Management  team, with the addition of a Data Protection Lawyer.


The opportunity for you


Reporting to the firm's Director of Risk, the focus of the role is to develop and manage the firm's data protection compliance, privacy and cyber security.  As well as continuing to develop the firm's Data Protection Compliance Programme created in response the General Data Protection Regulation, it will involve managing and responding to cyber security risks, responding to information security client audits, managing subject access requests and reviewing data protection clauses in client terms and supplier contracts.


Meet the team


This role is an in-house role, sitting in the Risk Management team based in London.  The team comprises In-House Legal Counsel, Risk Lawyers and Business Acceptance Analysts, supporting the UK business and some of the firm's international offices.


Key responsibilities


  • Assisting the Director of Risk in developing the information security and privacy strategy for the firm.
  • Leading on continuous improvement of the firm's data protection compliance programme to ensure alignment to current law and regulatory guidance.
  • Creating and maintaining data protection policies and procedures.
  • Liaising with data protection experts in the firm's international offices, to ensure firm-wide compliance.
  • Keeping up to date with developments in data protection law, policy and regulatory guidance and providing updates to the Director of Risk.
  • Providing advice and input on projects from a data protection compliance perspective.
  • Working with the IT and IT Security teams to assess cyber and information security risks for the firm and developing appropriate awareness and training programmes.
  • Conducting data protection compliance assessments, including as appropriate, privacy impact assessments on all new personal data processing activities to be introduced by the firm and changes to existing processing activities. 
  • Creating and maintaining data protection compliance accountability records including compliance assessments and records of processing activities
  • Monitoring, reviewing and maintaining the firm's ICO registrations.
  • Assisting the Director of Risk in dealing with the Information Commissioner on data breach investigations, complaints and investigations if necessary.
  • Working with the IT Security team in reviewing and responding to client cyber and information security audits.
  • Dealing with Data Subject Access Requests served on the firm.
  • Reviewing data protection provisions in all the firm's contracts involving personal data processing.
  • Responding to data protection aspects of client due diligence questionnaires and reviewing data protection terms in client engagement documents.
  • Creating data protection and awareness programmes and delivering training to staff.


Knowledge, skills and experience


  • A full understanding of the applicable regulatory framework.
  • Demonstrable experience of designing, implementing, maintaining and documenting data protection compliance programmes at a senior level.
  • Experience of information security standards such as ISO 27001
  • Experience in dealing with data security breaches, managing investigations and dealing with the regulator.




Here are a select few benefits that Taylor Wessing offer; 


  • Hybrid working (Offering the opportunity to work remotely, while maintaining a social boundary by working from our award-winning offices for 3 days a week) 
  • Holiday (Our basic annual holiday entitlement starts at 25 days, with a further discretionary day of paid leave in December. You may also purchase up to five extra days each year (pro rata). 
  • Enhanced Maternity and Paternity leave (After one-year service, you are entitled to up to 26 weeks leave full pay if you or your partner give birth or adopt a child). 


Along with these there are many more benefits we offer, with the addition of a comprehensive flexible benefits package available. 


Our culture


Nurturing a diverse, inclusive culture allows all of our talent to flourish, sparks creativity and powers innovation.  We continue to build a team that exemplifies inclusivity and reflects the firm's core values: creative, excellence, integrity, responsible, respect and team.  We value and celebrate the differences in who we are, what we have experienced and how we think, so all candidates will be treated fairly regardless of age, caring responsibilities, disability, gender identity, marital status, neurodiversity, pregnancy, race, religion or belief, sex, sexual orientation and socio-economic background. 


The way we work


At Taylor Wessing, we never settle for average. We're creative thinkers, problem solvers and continuous learners who excel at what we do and believe our best work is still ahead of us. We are a firm that's large enough for you to achieve your ambitions, but connected enough to be a true community.  


Click link below for the full job description: