Data Protection Principal Consultant

Our rapidly-growing business offers a dynamic environment for talented, entrepreneurial professionals to achieve results and grow their careers. As Data Protection Principal Consultant, you will be responsible for supporting the development of the data protection service within our broader Cyber Security practice.

The successful candidate will be responsible for supporting the commercial development and growth of data protection service both as independent expert service and as part of our extensive cyber security services. Therefore, a broader and deeper understanding of data protection and cyber security compliance and governance will be a key requirement for the successful applicant.

Primarily you will be responsible for supporting our clients across several sectors in leading privacy projects in line with the UK Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR). More widely this role will require the successful candidate to work in partnership with Gemserv’s Business Development and Marketing teams to play a leading role in networking, speaking at conferences and positioning new leads for our BD team to develop into commercial opportunities.


London Office
Salary Range
£55k-£65k (based on experience)
Employment Type
Contract Basis
Full time (happy to consider flexible working)
Closing Date
Ref No


  • Development of Gemserv’s data protection and cybersecurity service offering and propositions in line with current and new legislation;
  • Position business development opportunities, develop leads and partner with Business Development team to develop the strategic direction of the service;
  • Manage DP team members with responsibility for assessing data privacy compliance against the relevant legislative frameworks and designing and implementing data protection and privacy programs to achieve compliance;
  • Build on our data protection service capability that pulls together more comprehensive services, including, cybersecurity, IoT, digital transformation and programme management;
  • Advise on a wide range of privacy and data protection compliance issues which include undertaking privacy impact assessments; data breach handling; third party assessments’ privacy challenges related to big data and AI; development of comprehensive privacy policies; guidance and training and awareness programmes; data sharing mechanisms, audits; and
  • Ensuring team knowledge base is up to date especially in relation to legal developments, new technologies and case law.



The successful candidate will:  

  • Have solid and proven experience (minimum 5 years) with relevant data protection, privacy and cybersecurity laws and standards at UK, EU and global level;
  • Have proven ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements;
  • Understand the sales cycle and be able to position news service opportunities in dialogue with existing and new clients;
  • Have experience of cooperating with the Information Commissioner Office and other Supervisory Authorities;
  • Have proven technical expertise and experience in compliance, risk management, corporate governance or legal or regulatory issues;
  • Be able to lead and manage the day to day aspects of engagement activities and an ability to work with clients as an SME;
  • Have the confidence to build and maintain positive relationships with senior staff and broader teams across the business;
  • Have line management experience including motivating, developing and creating a high performing team;
  • Have experience preparing and delivering Board level presentations;
  • Demonstrate a keen interest in (and business acumen for) growing the team through solid stakeholder and client engagement, leads nurturing and development.
  • Possess strong written and verbal communication skills
  • Experience within a Professional Services/Consulting environment is desirable.



  • Bachelor's or Master's Degree in IT, Law or relevant field that demonstrates knowledge, interest and passion in the data protection and privacy field;
  • Professional qualification in Privacy and Data Protection (BCS Practitioner Certificate in Data Protection / CIPP/E) is essential and,
  • Cyber Security (including ISO27001, CISSP, CISM) qualification is desirable;
  • Upon employment, employees should also have a sound awareness of the Company's Information, Quality, Environmental and Energy Management Systems.


The role will require to travel several times a year to client sites



We are passionate about helping drive the energy market transformation and data revolution. We work right across our sectors, from government bodies to global blue-chip organisations and small independent companies.

The nature of what we do means we are very much a people business. The contribution every member of the team makes to our diverse range of experience, skills and personalities is valued.

We invest heavily in learning and development to enable our people to develop skills and gain experience which will enhance career prospects for life. Many who started their careers with us have rapidly progressed to more senior positions.

At Gemserv no two days are the same, but we believe in a flexible approach to working which we know our employees value. We also offer an attractive package of benefits in addition to highly competitive salaries including bonus scheme, pension and healthcare, season ticket loans, discounted gym membership, Cycle to Work scheme and more.

 HR Recruitment Graphic HR Recruitment Graphic



If you feel that you fit the above requirements and would like to hear more about being part of a growing organisation, then we would love to hear from you. Please submit your CV and application letter to us by clicking ‘Apply now’

Happy to talk flexible working