Data Protection and Privacy Associate Director

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

As one of the world's largest networks of audit, tax and consulting firms, RSM delivers big ideas and premium service to help middle-market businesses thrive. We are a fast-growing firm with big ambitions -- we have a clear goal to become the premium adviser to the middle market, globally. This vision touches everything we do, motivating and inspiring us to become better every day. If you are looking for a firm where you can build a future and make an impact, then RSM is the place for you.

At RSM, our consulting team brings together diverse advisory experts to deliver our six core solutions: business transformation, forensic, deal services, restructuring, finance function support, and risk and governance.

Our solutions are designed to address the unique needs, challenges, and opportunities our clients face as they strive to achieve their aspirations and organisational goals. Whether it's supporting global expansion, developing acquisition strategies, facilitating private equity investments, or collaborating with boards to manage risk and governance, our consulting experts work as one cohesive team. We prioritise simplicity, providing data-driven insights, value-added assurance, and high-quality execution to empower our clients in building sustainable, future-fit businesses.

Why this role matters

We help clients do the right thing with personal data, building trust, enabling growth, and staying on the right side of the law. We take a human-first, risk based approach and partner with our clients to deliver clear, practical, and commercial solutions.

What you'll do

• Lead client engagements end-to-end. Plan and deliver privacy advisory work across discovery, assessment, design, implementation, and ongoing improvement.
• Translate risk into action. Turn legal and regulatory duties into simple, workable controls that enable teams to have great customer impact.
• Operate in complex B2C environments. Advise on customer data, loyalty programs, product analytics, cookies/tracking, AdTech, mobile apps, employee datasets and business transformation.
• Build and mature privacy programmes. Policies, ROPAs, DPIAs/LIAs, retention schedules, notices, DSR processes, breach/incident readiness, vendor management, cross-border transfers and training
• Steer difficult decisions. Help clients navigate commercially challenging trade-offs, articulating options, risks, and mitigations in clear, simple language.
• Respond to change. Track regulatory developments (UK/EU and globally) and update client advice and templates pragmatically.
• Contribute to growth. Shape proposals, estimates, and statements of work; spot opportunities; develop re-usable methods, toolkits, and thought leadership.
• Coach others. Provide day-to-day guidance to consultants/analysts on engagements. Nurture a positive, accountable, low-ego team culture.

What you'll bring

• Depth of experience: Significant hands-on Data Protection & Privacy experience. You have led work in fast moving, consumer facing contexts and can show real outcomes.
• Independent leadership: Comfortable operating on your own as the senior advisor on a client account (setting direction, making calls, and taking responsibility).
• B2C and employee data expertise: Practical know-how across customer lifecycle use cases (acquisition, onboarding, CRM, loyalty, analytics, advertising, complaints) and workforce privacy (recruitment, ER, monitoring, retention).
• Strong working knowledge of the UK Data Protection and Privacy legislation. You will also have knowledge of global data protection legislation.
• Expertise in DPIAs, LIAs, transfer risk assessments, vendor due diligence, training and awareness, and metrics for programme effectiveness.
• Experience with privacy platforms (e.g., OneTrust/TrustArc), data catalogues/records tooling, or ISO/controls frameworks (e.g., ISO/IEC 27701).
• Qualifications in BCS/ISEB or equivalent.
• Your communication style is straight talking, empathetic, and clear. You are able to meet people where they are at in their journey.

What success looks like (first 12 months)

• You are the trusted lead for several client relationships, with repeat engagements and strong satisfaction.
• Clients have materially improved privacy maturity (policies, records, DPIAs, training, breach readiness, vendor controls) with measurable risk reduction.
• You've helped win/expand work and contributed practical playbooks/templates the wider team reuses.

Diversity and Inclusion at RSM
At RSM, we want to create a strong sense of belonging so that people of all identities, backgrounds, and cultures feel they can bring their true self to work. Our clients come from all walks of life. We aim to achieve that same diversity of background, experience and perspective in our own teams, so that we can genuinely understand our client's needs. Diverse teams bring a broader range of ideas and insights to work. That's why we're working together to ensure our firm's principles and processes support a firm culture that embraces difference and strengthens inclusion.