Amtis - Digital, Technology, Transformation
Data Protection & Third-Party Risk Analyst
⭐ - Featured Role | Apply direct with Data Freelance Hub
This role is for a Data Protection & Third-Party Risk Analyst on a 12-month FTC, hybrid in Birmingham, offering £45k - £55k. Requires 3+ years in Data Protection, strong GDPR knowledge, and experience with SaaS and IT vendors.
🌎 - Country
United Kingdom
💱 - Currency
£ GBP
-
💰 - Day rate
Unknown
-
🗓️ - Date
March 27, 2026
🕒 - Duration
More than 6 months
-
🏝️ - Location
Hybrid
-
📄 - Contract
Fixed Term
-
🔒 - Security
Unknown
-
📍 - Location detailed
Birmingham
-
🧠 - Skills detailed
#Documentation #Data Privacy #GDPR (General Data Protection Regulation) #Data Lifecycle #DPIA (Data Protection Impact Assessment) #SaaS (Software as a Service) #Compliance
Role description
Data Protection & Third-Party Risk Analyst
12-month FTC | Hybrid | Birmingham - £45k - £55k
We’re recruiting a Data Protection–focused analyst to support PII usage, data sharing, and third-party risk across a large, multi-site organisation.
This is not a SOC or cyber tooling role, it's focussed on how personal data is shared, used, minimised, and governed across SaaS platforms, IT vendors, and service providers.
What you’ll be doing
Assess how PII is shared with SaaS providers and IT vendors
Review and document data flows, purposes of processing, and data lifecycles
Conduct third-party data protection risk assessments and DPIA-style reviews
Maintain records of:
Data categories
Processing purposes
Hosting locations
Sub-processors
Retention and deletion
Challenge unnecessary data collection and enforce data minimisation
Track and close remediation actions with vendors and internal teams
Support Procurement, Legal, IT, and the business with practical GDPR advice
Maintain clear, audit-ready documentation for GDPR and third-party assurance
What we’re looking for
3+ years in Data Protection, Privacy, or Third-Party Risk
Strong, hands-on experience with:
Understanding PII usage
Vendor / SaaS data sharing
GDPR in practice (not theory)
Comfortable challenging stakeholders on data usage
Experience working with IT vendors, platforms, or outsourced services
Able to balance risk, commercial reality, and compliance
Data Protection and Data Privacy-first role | Vendor & SaaS focused
If this could be suitable, please apply in the first instance
Data Protection & Third-Party Risk Analyst
12-month FTC | Hybrid | Birmingham - £45k - £55k
We’re recruiting a Data Protection–focused analyst to support PII usage, data sharing, and third-party risk across a large, multi-site organisation.
This is not a SOC or cyber tooling role, it's focussed on how personal data is shared, used, minimised, and governed across SaaS platforms, IT vendors, and service providers.
What you’ll be doing
Assess how PII is shared with SaaS providers and IT vendors
Review and document data flows, purposes of processing, and data lifecycles
Conduct third-party data protection risk assessments and DPIA-style reviews
Maintain records of:
Data categories
Processing purposes
Hosting locations
Sub-processors
Retention and deletion
Challenge unnecessary data collection and enforce data minimisation
Track and close remediation actions with vendors and internal teams
Support Procurement, Legal, IT, and the business with practical GDPR advice
Maintain clear, audit-ready documentation for GDPR and third-party assurance
What we’re looking for
3+ years in Data Protection, Privacy, or Third-Party Risk
Strong, hands-on experience with:
Understanding PII usage
Vendor / SaaS data sharing
GDPR in practice (not theory)
Comfortable challenging stakeholders on data usage
Experience working with IT vendors, platforms, or outsourced services
Able to balance risk, commercial reality, and compliance
Data Protection and Data Privacy-first role | Vendor & SaaS focused
If this could be suitable, please apply in the first instance
