Tech Stack
Job Description, Responsibilities & Requirements
About the Position
Pockit and Monese are the all-in-one money apps that make it easy for people to access and manage the financial tools that put them in control of their money. We provide vital financial services, from accounts and cards through to income advance. In October 2024, Pockit acquired Monese, creating the leading fintech for low-income individuals and those who are poorly served by traditional banks. The combined business serves over three million customers across the UK and Europe.
We are currently seeking a Data Protection Officer (Part Time) to join our Fraud, Risk & Compliance team in London. This role is pivotal in ensuring our data protection framework is robust, practical, and embedded across the business, while supporting fast-paced product development and regulatory change in a regulated fintech environment.
Responsibilities
- Acting as the appointed Data Protection Officer and main point of contact for regulators such as the ICO and EU supervisory authorities
- Ensuring compliance with UK GDPR and EU GDPR across all products, systems, and operational processes
- Overseeing and maintaining core privacy governance artefacts including Records of Processing Activities (RoPA) and Data Protection Impact Assessments (DPIAs)
- Advising on privacy risks in product development, new features, vendor onboarding, and cross-border data transfers
- Leading incident and breach response from a data protection perspective, including assessment, escalation, and regulatory reporting where required
- Embedding privacy by design principles across engineering, product, and operational teams through guidance, review, and training
- Monitoring regulatory developments and translating requirements into practical internal policies and controls
- Reporting on privacy risk and compliance status to senior leadership and governance forums
Requirements
- Proven experience as a Data Protection Officer or senior privacy professional in a regulated financial services, fintech, payments, or e-money environment
- Strong working knowledge of UK GDPR, EU GDPR, and associated regulatory frameworks
- Experience working with supervisory authorities and handling regulatory engagement
- Deep understanding of data governance, DPIAs, RoPA, DSAR handling, and privacy risk management
- Experience working in product-led, agile environments with frequent releases and fast-paced delivery
- Strong stakeholder management skills, with the ability to influence technical and non-technical teams
- Practical understanding of cloud-based systems, data architectures, and modern data flows
- Ability to translate legal and regulatory requirements into clear, pragmatic operational guidance
- High attention to detail combined with strong judgment and commercial awareness
- Relevant legal, compliance, risk, or data protection qualifications such as CIPP/E or equivalent preferred
We Offer
- Join a mission-driven company working at the intersection of technology and financial inclusion.
- Work with a diverse, entrepreneurial, and ambitious team.
- Play a key role in shaping how privacy and trust are embedded in a fast-growing fintech serving millions of customers.
- Competitive compensation and benefits, including share options, Bupa private healthcare, and flexible working.
About the Company
We're a lively, diverse, and international team, based across offices in London, Newcastle, Tallinn, and remote teams in central Europe. You'll be joining a team that fosters curiosity, ambition, accountability, and resilience, and we know you'll be made to feel at home straight away.
Work Location
The primary place of work is Pockit’s headquarters in Marylebone, London. The ideal candidate will be able to work from this office at least once a week, though we are open to remote applicants in the UK.