
GDPR Business Analyst (3M FTC)

Triple Point

IT
London, UK
Posted on Oct 30, 2025

Since 2004, we’ve been bringing investment ideas to life and connecting capital with the right people and opportunities. Today, we manage more than £2.5 billion for a broad range of investors across five key investment strategies: Private Credit, Social Housing, Clean Heat, Energy and Venture. These strategies underpin the innovative range of investments we offer to both private (retail) and institutional clients.

There are 220+ employees at Triple Point, all committed to leaving the world demonstrably better than we found it. That’s why we’re a certified B Corp, signed up to the Principles for Responsible Investment, and were named a Sunday Times 'Best Place to Work 2025'.

If this sounds like an environment where you would flourish, then read on…

The Function

The Risk function operates within Triple Point’s wider Governance, Risk and Compliance (GRC) team and is part of the Second Line of Defence. Its role is to provide independent oversight and challenge across the business, ensuring that risks are properly identified, assessed, and managed. The function is central to protecting the firm’s integrity and ensuring adherence to the high standards set by the Financial Conduct Authority (FCA).

The Team

By joining the Risk function, you will become part of a collaborative and professional GRC team that plays an essential role in supporting the firm’s success. Your contributions will directly influence how the business manages risk, while providing you with broad exposure to the firm’s operations. This is an opportunity to strengthen Triple Point’s control environment and to play a meaningful role in sustaining the company’s long-term resilience and reputation.

Purpose of the Role

The GDPR Business Analyst will lead the review of Triple Point’s GDPR and Data Management programme to ensure a robust compliance framework, aligned to regulatory expectations and operational risk appetite, strengthening data governance, accountability, and resilience across the business.

This is a fixed-term contract reporting to the Risk Director (2LOD) and working closely with Compliance, Digital & Technology, Legal, People, and Client Operations functions.

Key Responsibilities

Risk Management

  • Responsible for the enterprise-wide risk oversight, advice and challenge relating to Triple Point’s products and investments to support delivery of good customer outcomes.
  • Facilitate the 2LOD Product Risk Monitoring Programme, ensuring all meetings are scheduled and aligned to reporting timelines.
  • Support the coordination and challenge of product risk assessments, including Risk and Control Self-Assessments (RCSA), thematic reviews, and scenario analysis.
  • Develop and implement a new/change Product Risk Assessment process.
  • Monitor and support the development of 2LOD Consumer Duty metrics to ensure that indications of changes in customer outcomes, product performance, etc. are identified early and mitigation strategies are applied.
  • Review and provide oversight of Product Stress Testing outcomes.
  • Lead the oversight of product-related incidents and near misses, ensuring root cause analysis is undertaken, actions are documented, and lessons learned are implemented.
  • Support the delivery of risk reporting, representing the second line of defence, in key management committees and boards.
  • Support the wider risk team with risk-related activities.

Knowledge & Experience

Essential

  • Minimum of 5 years' experience in a risk management role within financial services, with team or project leadership responsibilities.
  • Experience in investment/credit analysis.
  • Experience in facilitating and challenging structured risk assessment activities, including Risk and Control Self-Assessments (RCSA), scenario analysis, and thematic deep dives.
  • Experience of the broader regulatory and legislative requirements of product risk, such as Consumer Duty, CASS.
  • Understanding of product governance frameworks and oversight of product lifecycle activities (e.g. new product approvals, value assessments, customer outcome reviews).

Preferred

  • Knowledge of relevant conduct and regulatory aspects of products and investments, such as knowledge of AIFs, UCIS and MiFID requirements.
  • Experience of stakeholder management and engagement with Committees/Boards.

Key Responsibilities

GDPR & Data Governance Framework

  • Lead the design, coordination, and implementation of an enhanced GDPR and Data Management plan.
  • Responsible for developing a comprehensive GDPR policy suite, including Data Protection Policy and Procedures, Data Retention and Erasure Policy, Privacy Notices, and Data Breach Response and Reporting Procedures.
  • Re-assess the firm’s approach to Record of Processing Activities (ROPA) and update the Data Location Register to ensure completeness and accountability.
  • Review and enhance the framework for Data Privacy Impact Assessments (DPIA) and ensure alignment with operational processes and systems.

Governance, Oversight and Reporting

  • Support the establishment of a GDPR Working Group, with clear ownership and accountability mapped across 1LOD and 2LOD functions.
  • Design and implement reporting mechanisms to the Risk Committee and ManCom, ensuring transparent oversight of progress, issues, and residual risks.
  • Review documented roles, responsibilities, and decision rights for GDPR governance, including escalation routes and assurance checkpoints.

Stakeholder Engagement & Change Management

  • Facilitate structured engagement with key stakeholders to ensure activities are embedded and understood across the business.
  • Coordinate input from subject matter experts, legal advisors, and external assurance providers to validate outputs and milestones.
  • Support the Group Risk & Compliance function in formalising compliance oversight and accountability mechanisms.

Compliance Monitoring & Continuous Improvement

  • Support the Compliance function in redefining GDPR compliance monitoring, aligned to 2LOD assurance activity and the Risk Management Framework.
  • Design and document metrics and KPIs to track effectiveness of data protection controls and risk mitigation actions.
  • Develop a regulatory horizon scanning process for emerging data protection legislation, including the Data (Use & Access) Act 2025, to ensure proactive compliance adaptation.

Documentation & Delivery

  • Produce high-quality documentation, process maps, and records to evidence compliance improvements.
  • Ensure all proposed actions are tracked to completion, with clear audit trails and supporting artefacts.

Knowledge & Experience

  • Minimum 5 years’ experience in business analysis, within financial services or regulated environments (essential).
  • Proven experience in data protection and GDPR compliance projects, including policy development, ROPA creation, and governance design (essential).
  • Familiarity with data governance frameworks, privacy impact assessments, and third-party data processor oversight (essential).
  • Knowledge of UK GDPR, Data Protection Act 2018, and Data (Use & Access) Act 2025 (essential).
  • Experience coordinating cross-functional projects and presenting progress to senior management or committees (preferred).
  • Experience engaging with external auditors, legal counsel, or regulators (preferred).

Qualities and Competencies

  • Structured, methodical, and process-driven approach to analysis and problem-solving.
  • Excellent interpersonal and communication skills with the ability to engage senior stakeholders.
  • High attention to detail with strong documentation and analytical capabilities.
  • Ability to work independently and drive progress within tight timeframes.
  • Strong commitment to professional standards, integrity, and continuous improvement.
  • Adaptability to evolving priorities in a dynamic, multi-stakeholder environment.
  • Comfortable working under Risk and Compliance oversight within a 2LOD framework.

Why Join Us

  • Be a part of a forward-thinking and innovative company.
  • Play a key role in developing and implementing the GDPR framework and policies.
  • Work with a talented and driven team in a collaborative and connected environment.

Triple Point Values

High Performance at Triple Point means living our values at the top of your game.

Our five values are below; you can read more on our website about how we embed our values to drive a high-performance culture.

  • Stay Curious
  • Be Generous
  • Take Thoughtful Action
  • Pull Together
  • Own It

Triple Point offers a wealth of benefits including a contributory pension, hybrid/flexible working and ongoing learning and development opportunities. Check out our comprehensive list of benefits HERE.

Apply today for further information!

Triple Point is dedicated to providing fair and equal opportunities for all individuals, including both current and potential employees. Discrimination of any kind based on factors such as age, disability, gender, sexual orientation, pregnancy, race, ethnicity, religion, gender identity, or marital status is not tolerated by the company.

Our aim is to create a welcoming and diverse work environment where people from all walks of life feel valued and supported. We actively encourage individuals from various backgrounds to apply for job vacancies and become part of our team.

STRICTLY NO AGENCIES