Data Governance Lead

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it’s really like to work at HMRC.
Visit our YouTube channel to watch the full series and come and discover your potential.
At HM Revenue and Customs (HMRC) we make sure money is available to fund the UK's vital public services and assist people with targeted financial support.
Data Analytics Team (DAT) forms part of the Analysis function within HMRC's Risk and Intelligence Service (RIS) Directorate. DAT provides analytical expertise to policy and compliance partners across multiple business areas and share data across government departments. We interrogate complex data to first understand it, and then to provide insight on compliance risks and shape new compliance capability.
The Portfolio Management Office (PMO) sits within DAT and are responsible for a wide array of work. The PMO Governance programme is split into three strands: Cross-Government Data Sharing, Data Security, and Risk, Audit & Asset Management.
One vacancy will focus on Cross Government Data Sharing, reporting to the Senior Data Governance Lead and working closely alongside the Head of Portfolio Management Office (PMO) and Cross Government Data Exchange Lead (GovDET), the job holder will support the movement of bulk data, preparing relevant data transfer documentation, such as MoUs, DPIAs and CoRAs, and engaging with all relevant stakeholders (internal & external).
The other vacancy will focus on risk, audit and asset management through engagement with senior DAT colleagues to create and maintain risk registers, information asset registers and business continuity measures. You will be responsible for the Senior Management Team Tier 5 risk register, as well as working with individual teams to produce and maintain risk registers at a team level. You will also review and manage the Tier 4 SLT risks, working with the relevant stakeholders to ensure that these are suitably mitigated and addressed., + Draft, develop, and review data exchange documentation, including Process Memoranda of Understanding (pMoU), Data Protection Impact Assessments (DPIA), and Certificates of Review and Assurance (CoRA). Collaborate with cross-government stakeholders, Security & Information Business Partners, data analysts, and HMRC Central Policy to ensure accuracy before data transfers.
+ Lead assurance activities on system access, data retention schedules, and compliance with UK GDPR.
+ Work with GovDET and stakeholders to resolve data exchange issues and ensure adherence to External Data Exchange policies, escalating concerns when necessary.
+ Maintain and update management information, risk registers, information and fixed asset registers, and business continuity plans., + A 250-word Technical Statement - Explain and give evidence of your experience of using the principles of GDPR relative to Data Security".
CV
+ A name-blind CV covering your job history and key achievements.
Technical Statement
+ Explain and give evidence of your experience of using the principles of GDPR relative to Data Security.
We acknowledge that AI can assist you in your application. Find our guidelines here.
Sift
A full sift of your CV and Technical Statement will be conducted against the job description, key responsibilities and essential criteria.
If you are successful at the sift stage, you will be invited to a video interview.
Interview
During the panel interview you will be asked behaviour-based questions to explore in detail what you are capable of.
Technical Question Details : Experience Question:
Can you tell us of a time where you have had to apply knowledge of Data security to a piece of work, considering GDPR principles?
Interviews will take place via video link. Sift and interview dates to be confirmed.
Eligibility
Please take extra care to tick the correct boxes in the eligibility sections of your application form. We understand mistakes sometimes happen but if you contact us later than two working days (Monday-Friday) before the vacancy closes, we will not be able to reopen your application for you. If you do make a mistake, please contact us via: unitybusinessservicesrecruitmentresults@hmrc.gov.uk – Use the subject line to insert appropriate wording for example – ‘Please re-open my application – [382126] & vacancy closing date [insert date]’
To check that you are eligible to apply for this role, please review the eligibility information before submitting your application.
Reserve List
A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles – if this applies to you, we’ll let you know via your Civil Service Jobs account.
Criminal Record Check
Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.
Merit List
After interview, a single merit list will be created, and you will only be considered for posts in locations you have expressed a preference for. Appointments will be made in strict merit order in line with the set number of roles in each location.
Reasonable Adjustments
We want to make sure no one is put at a disadvantage during our recruitment process. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate.
If you need a change to be made so that you can make your application, you should, Current Civil Servants (all contract types) will need to ensure that they are still employed as a Civil Servant on or beyond the start date for the post. If their contract ends (for example due to the end of Fixed Term Appointment contract or resignation) at any point during the application process for the advertised role, they will no longer be eligible and may be withdrawn.
Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process.
HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.
The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.
Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application(s) will be withdrawn from the process.
Recording of interviews is prohibited unless explicit agreement is sought in line with the UK General Data Protection Regulations.
Questions relating to an individual application must be emailed as detailed later in this advert.
Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant’s details held on the IFD will be refused employment.
A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.
If you experience accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.
Feedback will only be provided if you attend an interview or assessment.

Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements
This job is broadly open to the following groups:
+ UK nationals
+ nationals of the Republic of Ireland
+ nationals of Commonwealth countries who have the right to work in the UK
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
+ individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
+ Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements (opens in a new window)

Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window)., Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. You have the right to complain if you feel there has been a breach of the Recruitment Principles.
In the first instance, you should raise the matter directly via ubsrecruitmentcomplaints@hmrc.gov.uk. If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission please visit their website.

+ Strong understanding of data security, GDPR, and their application to compliance activity.
+ Excellent written and verbal communication skills, including digital tools like SharePoint and MS Teams.
+ Proficiency in Outlook, Teams, Excel, and PowerPoint.
+ Ability to meet challenging deadlines and adapt to changing priorities.
+ Skilled at building relationships with stakeholders across HMRC and other government departments to deliver key documents.
+ Experience working collaboratively with senior grades to develop communications such as Freedom of Information responses or ministerial briefings.
+ Self-motivated with initiative, able to work independently and at pace.
Essential Criteria:
+ You will need to already have or obtain security clearance at SC level when appointed.
+ Demonstrable understanding of GDPR principles relating to data security.
+ Experience of conducting assurance or compliance activity.
+ An understanding of risk management and how to successfully mitigate risks
Desirable Criteria:
+ Experience of drafting and development of data exchange documentation including Process Memorandum of Understanding (PMOU), Data Protection Impact Assessments (DPIA), Record of Processing Activity (ROPA) and Certificate of Review and Assurance (CoRA), + Delivering at Pace
+ Communicating and Influencing
+ Working Together

Technical skills
We'll assess you against these technical skills during the selection process:
+ A 250 word statement on "Explain and give evidence of your experience of using the principles of GDPR relative to Data Security".
+ Technical Question Details : Experience Question: Can you tell us of a time where you have had to apply knowledge of Data security to a piece of work, considering GDPR principles?
We only ask for evidence of these technical skills on your application form:
+ A 250 word statement on "Explain and give evidence of your experience of using the principles of GDPR relative to Data Security"., Combined TC and OGD Pay - English Opens in new window (docx, 129kB)

Alongside your salary of £36,320, HM Revenue and Customs contributes £10,521 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs.
We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.
+ Pension - We make contributions to our colleagues’ Alpha pension equal to at least 28.97% of their salary.
+ Family friendly policies.
+ Personal support.
+ Coaching and development.
To find out more about HMRC benefits and find out what it’s really like to work for HMRC hear from our insiders or visit Thinking of joining the Civil Service.