Are you ready to take ownership of information governance, risk, and data protection at a strategic level? We’re hiring for an Information Governance & Risk Lead to shape, strengthen, and future-proof our organisation’s approach to data, security, and risk. This is more than a compliance role, it’s a chance to influence senior decision-making, drive cultural change, and position information governance as a true enabler of organisational success.

About the role:

This is a standout opportunity to operate at the heart of the HCPC, where you’ll play a key role in shaping strategy and influencing senior leadership and Council decisions. With true end-to-end ownership of information governance, risk, and compliance frameworks, you’ll have the autonomy to turn policy into meaningful practice. The role is forward-looking, giving you the chance to shape how we respond to emerging challenges such as AI, data ethics, and evolving regulation, while also offering a genuine leadership platform to build capability, inspire others, and embed a culture of accountability and continuous improvement.
This is a permanent full time role offering hybrid working with a mandatory attendance of 1-2 days a week at our office in London Kennington SE11

Purpose and Main Duties

You’ll be the driving force behind our governance and risk landscape, including:

• Acting as our Data Protection Officer (DPO) and trusted expert on all data protection matters

• Leading information governance, including FOI, SARs, DPIAs, and incident management

• Owning and maintaining ISO 27001 certification, audits and ISO audit readiness

• Delivering our evolving risk management framework, ensuring clear visibility and accountability

• Leading business continuity management and planning

• Overseeing data sharing agreements, archiving, and compliance processes

• Providing clear, insightful reporting to senior leadership and Council stakeholders

• Promoting a strong, organisation-wide culture of security, information governance, and continuous improvement

What We’re Looking For

We’re looking for more than technical expertise, we want someone who is influential, proactive, and commercially aware, with a proven track record in data protection and information governance. You’ll bring

• Proven experience as (or supporting) a Data Protection Officer

• A strong track record managing ISO 27001 and governance frameworks

• Hands-on experience with risk registers, audits, and compliance activities

• Confident management of FOIs, SARs, DPIAs, and incident investigations

• The ability to translate complex risks into clear, actionable insights

• Natural leadership skills as someone who can engage, influence, and inspire across all levels

• Educated to a degree level or equivalent skills and knowledge in a related field

• Recognised auditor qualification for ISO 27001:2022

• Recognised Risk Management qualification desirable not essential

About the Department:

The Assurance & Compliance department helps keep the HCPC safe, transparent, and continuously improving. We look after, information governance and data protection, regulatory quality assurance, risk, internal audit, compliance, complaints, making sure we do the right things in the right way.

Our work protects the HCPC, our registrants, and the public. We help teams navigate regulatory requirements, manage risks effectively, maintaining integrity of the organisation’s information.

If you’re passionate about integrity, problem-solving, and making a positive impact, this is a team where your work really matters.

Alongside our excellent employee benefits, we are committed to your ongoing learning and development to build your skills, experience, and career.

You can find out more about our benefits on our website  click here 

Advert Closing Date: 21st April 2026 (All vacancies will close at 1pm)

Supporting Statement:** Please submit a supporting statement along with your CV. Applications without a supporting statement will not be reviewed

**Further information **on this role is detailed in the job description and person specification click here.

** Interview Dates: **   Week commencing: 5th May Telephone Screening In-Person interviews: 11th and 12th at our London Kennington office.

**** Additional Information: **   
**
** Right to Work**    All candidates must have the appropriate right to work in the UK. Please note that the HCPC does not offer a sponsorship scheme and is therefore unable to sponsor visa applications. Before starting employment, we will conduct thorough checks on original documentation to verify your right to work status.

Diversity    HCPC’s vision is to be recognised as an actively anti-discriminatory organisation that upholds and promotes best practice in equality, diversity and inclusion and an active ally for change. We are a Disability Confident employer and aspire to have a diverse and inclusive workplace and strongly encourage suitably qualified applicants from a wide range of backgrounds to apply and join the HCPC. We will make reasonable adjustments and adaptations to ensure the recruitment process is inclusive and barrier-free and will offer an interview to disabled candidates who meet the minimum criteria for the role. If you would like to have a confidential discussion on how we can support you, please contact recruitment@hcpc-uk.org.

** Values**    Our values underpin what we do and how we do it, to help us operate to high standards and effectively as a regulator and employer. In addition to the core competencies for this role, we will also assess you against our values during the selection process: Please refer to the HCPC Values and Behavioural Framework.