To be discussed
Contract Type
Contract Type
Full Time
Currently work from home - transitioning to Chorley office


ESG is a market leading provider of innovative technology and services to the utilities and energy industry. We are creating a more competitive utilities sector, improving our customer’s lives through better service and greater choice and guiding our clients through complex industry change. Our mission is to empower global energy leaders to deliver their future promise of energy. Our automated software as a service, expert services and data insight enable competitive leaders to attract customers, provide the best service, innovate constantly and unlock new technology benefits for customers both in the UK and overseas. To date, ESG has enabled a significant number of new entrant energy suppliers to enter the industry and we manage several million customers on behalf of suppliers and metering companies.

Role Responsibilities

  • Lead and deliver Privacy Programme core initiatives including developing plans, drafting deliverable and engaging stakeholders as needed.
  • Act as a technical resource providing advice on the practical consequences of complying with relevant privacy obligations, including interpretation of relevant laws, and guidance on the implementation of internal policies, procedures and guidance.
  • Responsibility for maintaining ESG’’s Privacy framework (Governance, policies, standards and guidance) including monitoring the implementation and application of internal data protection policies and processes.
  • Develop good relationships and work closely with key managers across the Global functions to ensure that policy information and supporting processes are communicated clearly and operationalised effectively.
  • Foster a data protection culture within the organisation and help to implement essential elements of Data protections, such as the principles of data processing and data protection by design and by default. Lead engagement sessions and coaching with the Division leads in Marketing, HR, Information Security, Sales/Operations, Events and Digital teams, developing materials as needed.
  • Review Global and high risk Privacy Impact Assessments and vendor privacy risk assessments to provide advice on new projects, platforms, and products.
  • Providing analysis and advice on complex data protection queries providing pragmatic recommendations to the Business teams.
  • Work to maintain our Records of Processing Activities documentation including documentation of Legal Basis for the Group’s processing of personal data.
  • Work with the legal team in the review of legal contracts and advise where necessary on data sharing arrangements and data processing agreements.
  • Work with the sales team and customers to respond to RFP’s and RFI’s.
  • Lead incident and breach investigations supporting Privacy, as necessary.
  • Support DPO to assess the level of compliance maturity and privacy-related risks within ESG including Risk Reporting process.
  • Monitor compliance activities and effectiveness of internal controls conducting assessments and audits to suggest improvements.
  • Keep abreast of Data Privacy Law changes around the world (e.g. United Kingdom, United States, Japan).

About You

  • Working to tight deadlines.
  • Analytical thinking and attention to detail.
  • Good communication skills, both written and verbal.
  • Must be able to work independently and as part of a team communicating with all levels of staff.

Qualifications, attributes & experience

  • 3 – 5 years of managing privacy operations in a global organization.


  • ISO Responsibilities
  • ISO Staff Awareness
  • Follow IMS Policies
  • Reporting of Incidents