We're on a mission to make a big green dent in the universe by building a truly sustainable energy system globally.
That means making power greener, smarter, and more affordable for everyone.
We put customers at the heart of everything we do: with always-fair prices, transparency and outrageous customer service.
We drive system change: with transformative tech to make renewable energy the norm and end global reliance on fossil fuels.
Octopus Energy Group is made up of 10 businesses spanning 6 countries across 3 continents, including: Octopus Energy Retail, Kraken Technologies, Octopus Energy Generation, Kraken Flex, Octopus Electric Vehicles, and the Octopus Centre for Net Zero. More on OEG @ octopusenergy.group
What we do. Electric Car Leasing
Why we do it. Greener. Fairer. Future.
We’re expanding our Information Security and Data Protection team at Octopus Electric Vehicles!
We’re looking for a Data Protection Manager to join our growing team and support our fast-paced security landscape.
You’ll be supporting our business and ensuring that we remain fully-operational and compliant with UK GDPR legislation and processes while also working with various teams to expand our capabilities and develop creative solutions to business challenges and opportunities to improve our service to both new and existing customers.
About us
The electric revolution has arrived - and from 2035 you’ll no longer be able to buy a new petrol or diesel car in the UK.
We’re building a whole new way for drivers to join the electric charge and not only learn about and shop for their EV online, but experience a 'lease for life' through an industry changing customer experience. This is the chance to join one of the UK’s most exciting start-ups – making it easy for individuals and businesses to go electric by getting their car, charger and energy all in one cracking deal.
Octopus Electric Vehicles launched in 2018 to make it seamless to switch to cleaner, greener driving. Our mission is to drive sustainable change, decarbonise the planet and provide our customers with fair pricing and a fantastic experience.
We're an Octopus Energy company—an innovative new energy supplier. We are part of the Octopus Energy Group, which seeks to improve the lives of millions of people by transforming the industries we operate in. The Octopus Group incorporates Octopus Energy, Octopus Healthcare, Octopus Investments, Octopus Property, Octopus Ventures and Octopus Labs.
Please note we use AI to help us assess applications fairly and objectively.
If this sounds like you then we'd love to hear from you.
Are you ready for a career with us? We want to ensure you have all the tools and environment you need to unleash your potential. Need any specific accommodations? Whether you require specific accommodations or have a unique preference, let us know, and we'll do what we can to customise your interview process for comfort and maximum magic!
Studies have shown that some groups of people, like women, are less likely to apply to a role unless they meet 100% of the job requirements. Whoever you are, if you like one of our jobs, we encourage you to apply as you might just be the candidate we hire. Across Octopus, we're looking for genuinely decent people who are honest and empathetic. Our people are our strongest asset and the unique skills and perspectives people bring to the team are the driving force of our success. As an equal opportunity employer, we do not discriminate on the basis of any protected attribute. Our commitment is to provide equal opportunities, an inclusive work environment, and fairness for everyone.
What you'll do...
Compliance and Governance: Maintain and develop the company's data protection strategy, policies, procedure, and compliance framework in line with UK GDPR, the Data Protection Act 2018, and PECR.
Records and Risk Documentation: Lead and conduct Data Protection Impact Assessments (DPIAs), update our Records of Processing Activities (RoPA), conduct Legitimate Interest Assessments (LIAs) and any other expected activity records.
Subject Rights Management: Lead and conduct the end-to-end process for Data Subject Access Requests (SARs) and other data subject rights (e.g., erasure, rectification) in a timely and compliant manner.
Breach Management: Manage the company's data breach response plan, including investigation, reporting, remediation, and communication with the Information Commissioner's Office (ICO) and affected individuals where necessary.
Advisory: Act as the primary point of contact and subject matter expert for all data privacy matters, providing pragmatic advice to internal and external stakeholders, at all levels of the business.
Third-Party Risk: Conduct due diligence and manage data protection risks associated with third-party suppliers, including SaaS vendors, finance providers, vehicle dealerships, data brokers, and marketing partners.
Training and Awareness: Design and deliver engaging data protection training and awareness campaigns across the business to foster a strong privacy-aware culture.
Monitoring and Reporting: Monitor the evolving privacy regulatory landscape and report on the company's compliance posture and risk level.
ICO Liaison: Serve as a point of contact for the ICO and support the designated Data Protection Officer (DPO).What you'll need...
A passion for Data Protection, Privacy and Information Security and an ability to explain these concepts in a clear and meaningful way to those who may not be familiar with themExcellent understanding and practical experience of the principles/issues involved in Data Protection and compliance with UK GDPR legislation and the expectations of the ICOExcellent understanding of the UK Data Protection Act 2018 and of the principles/issues involved in maintaining complianceForward-thinking, self-motivated and able to take responsibility for your own initiatives and drive them to implementationAbility to work in a pressured environment while prioritising work in a considerate waySupportive and reliable team member, with excellent attention to detailAwareness of Information Security principles and requirements for ISO27001 compliance would be valuableAny knowledge of the FCA or experience in the financial services industry would be valuableWhy you'll love it here
Don't feel like you meet all of our hiring criteria? thats OK, apply anyway! we'd love to hear from you and have a conversation.
Octopus Electric Vehicles, part of the Octopus Energy Group, won the Sunday Times best company to work for in 2024. We were named 6th out of the top 100 start-ups to work for by Tempo in 2025 and on Glassdoor we were voted 50 best places to work in 2022. Our Group CEO, Greg has recorded a podcast about our culture and how we empower our people
Wondering what the salary for this role is? Just ask us! On a call with one of our recruiters it's something we always cover as we genuinely want to match your experience with the correct salary. The reason why we don't advertise is because we honestly have a degree of flexibility and would never want salary to be a reason why someone doesn't apply to Octopus - what's more important to us is finding the right octofit!
Octopus Energy Group is a unique culture. An organisation where people learn, decide, and build quicker. Where people work with autonomy, alongside a wide range of amazing co-owners, on projects that break new ground. We want your hard work to be rewarded with perks you actually care about! Visit our perks hub - Octopus Employee Benefits