Data Protection Director

About the Role

At Monzo we do things differently. We truly care about providing a phenomenal experience for our customers. We believe there’s a better way to do banking, and we want to be the best possible bank without getting stuck in the old ways of doing things.

We need to make sure that we’re building our bank in a compliant manner; we also want to make sure we’re doing what’s ethical, appropriate and fair for our customers - following both the letter and the spirit of all applicable laws and regulations. We want our bank to be safe and secure for our customers, so data privacy and security are very important to us.

• Our mission is to make money work for everyone.
• To do that we need to give our customers the best possible experience, but make sure their information and rights are protected at all times.
• We hold a significant amount of information about our customers and people, we are trusted with this and want to hold ourselves to high standards regarding the handling of that information.
• We want to be pragmatic and balanced about the way these principles are delivered at Monzo.

We’re looking for a knowledgeable, collaborative and experienced Data Protection Director to make sure we’re not only customer-focused and innovative, but compliant with the privacy obligations we have. Working alongside our DPO and Legal function, you will perform a critical role in making sure that the way we handle the data of our customers, people and partners meets the legal and regulatory requirements at all times, as well as leading us strategically as we scale and grow as a business. This is very much a leadership and strategic role, shaping our 1st Line Data Protection team to meet Monzo’s future ambition.

As the Data Protection Director, you will lead and implement our data protection programme and our 1st line team. You will build privacy into the culture at Monzo and make sure that everyone is aware of their responsibilities and the minimum standards we expect. You will be the first point of contact for strategic data protection initiatives and liaise with the DPO, ExCo Legal and Board on our future direction.

We expect you to work with the business, be close to our product teams to enable growth and diversification on our journey to building a new way of banking. Monzo is not an organisation that lives to tick boxes, we need to strike the right balance for our customers to continue to grow and provide the best products and services.

What you'll be doing?

The Data Protection Director will report to our Chief Information Security Officer (CISO) in the 1st line team and work closely with the DPO in the 2nd line, as well as our Data Protection Lawyer.

You will be responsible for maintaining and continually improving the implementation of our data protection principles and framework, including:

• Working alongside the DPO to maintain the framework for compliance with UK GDPR and other privacy legislation across the EU and US for Monzo.
• Leading the longer term planning/design/execution of Monzo's data protection strategy.
• Designing, refining, updating and implementing policies and procedures related to data privacy across the business.
• Working with the DPO to define and implement methods to continually measure the level of maturity and compliance of data privacy across the organisation.
• Building and maintaining effective, constructive and high performing relationships with stakeholders across the Collectives.
• Leading the 1st line data protection team, continuing to embed the team as a valued partner to the rest of the business through the day to day activities they perform:
• Implementing regulatory change.
• Providing pragmatic and proportionate technical or specialist data protection compliance advice in respect of new and existing products, major strategic initiatives and operational business processes.
• Identifying and evaluating the company’s data processing activities and ensuring Records of Processing Activity (ROPAs) are in place and maintained.
• Implementing processes for completion of data protection impact assessments (DPIAs) and ensuring that associated risks are managed appropriately.
• Building in ‘privacy by design’ at all levels.
• Making sure we meet our operational obligations such as data subject access requests (DSARs) within required timeframes and with the appropriate information.
• Liaising with other organisations that process data on our behalf.
• Helping to deal with data privacy breaches and incidents and building the supporting processes.
• Making sure that appropriate data privacy training is in place for our people and partners.

You should apply if:

• You have extensive experience in data protection across a corporate environment, ideally fintech and/or banking.
• You have experience of working alongside the most senior stakeholders in the organisation, setting and executing on strategic objectives for data protection.
• You have in-depth knowledge of UK and EU GDPR and other national/international data protection laws.
• You have experience of building and leading data protection teams in the 1st line, and developing them over time.
• You have a solid understanding of the types of processes carried out by tech companies and banks and the customer data involved.
• You are capable and enthusiastic about leading and promoting a culture of data protection within an organisation.
• You have excellent communication skills.
• (Highly Desirable) - You have at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB.

Don’t tick every experience on the list? No worries! Research shows that some demographics often shy away from applying unless they meet every single requirement. At Monzo, we’re all about building a diverse and inclusive team, so if you’re excited about this role and eager to grow and learn with us, we’d love to hear from you - even if you don’t have everything listed here nailed down just yet. Apply anyway and let’s see where this journey takes us together!

The interview process:

After an initial informal recruiter call you go through two main stages

1. Initial Call (1 hour) You'll meet with our CISO. They'll ask you about your previous experience, in particular any role specific knowledge of any example based questions (‘Tell me about a time when…’). This will be more conversational.
   
   
2. Loop Stage (2 hours) The Loop stage consists of 2 x 60 min interviews

The Loop is one stage and the interviews in this stage are:

- Role Specific Interview (1 hour)An example based interview. We’re interested to hear examples from your previous experience. This interview evaluates the candidate’s strategic leadership, problem-solving, and technical expertise in data protection, along with their ability to influence senior stakeholders and drive organisational change in a fast-moving, regulated environment.

- Leadership Principles Interview (1 Hour)
This interview assesses the candidate’s ability to set a compelling vision, influence across the organisation, drive execution through their team, develop people, lead with empathy, and navigate change with resilience.

All things going well, you'll have completed the hiring process.

Our average process takes around 3-4 weeks but we will always work around your availability. You’ll have the chance to speak to our recruitment team throughout the process. If you’d like to ask a question sooner, email tech-hiring@monzo.com. Please also use that email to let us know if there's anything we can do to make your application process easier for you, because of disability, neurodiversity or any other personal reason.

What’s in it for you:

Base salary £130k - £160k + Equity + Benefits

️ We can help you relocate to the UK

We can sponsor visas

This role can be based in our London office, but we're open to distributed working within the UK (with ad hoc meetings in London).

We offer flexible working hours and trust you to work enough hours to do your job well, at times that suit you and your team.

Learning budget of £1,000 a year for books, training courses and conferences

And much more, see our full list of benefits here

#LI-Remote #LI-AL1