Data Protection Officer

Job Description

The Data Protection Officer is responsible for ensuring the organization's compliance with data protection laws and regulations. The DPO will oversee the development and implementation of policies, procedures and safeguards to protect personal data and ensure its lawful processing. The role involves working closely with internal stakeholders to ensure privacy and data protection practices are embedded across the organization.

Responsibilities:

• Develop and implement a comprehensive data protection strategy and framework in compliance with applicable laws and regulations.
• Monitor and assess the organization's data processing activities to ensure compliance with data protection requirements and identify any risks or non-compliance issues.
• Conduct privacy impact assessments (PIAs) to identify and mitigate potential privacy risks associated with new projects, initiatives or changes to existing processes.
• Advise and provide guidance to internal stakeholders on data protection matters, including data processing agreements, consent mechanisms, data subject rights and data breach management.
• Collaborate with cross-functional teams to embed privacy and data protection principles into business processes, systems and practices.
• Develop and deliver data protection training and awareness programs to raise employees understanding and compliance with data protection policies and procedures.
• Serve as the primary point of contact for individuals exercising their rights under data protection laws, such as data subject access requests and complaints.
• Conduct regular audits and assessments to monitor compliance with data protection policies and identify areas of improvement.
• Stay updated on developments in data protection laws, regulations and industry best practices and proactively advise the organization on any necessary changes to ensure ongoing compliance.

Requirements:

• A BA or BSc Degree in Information Security, Computer Science or a similar field.
• Work experience in privacy, compliance, information security, auditing or a related field will be considered an advantage.
• One or more International Association of Privacy Professionals (IAPP) or Certifications such as CIPP/E, CIPP/US and/or CIPM.
• ISACA certifications in governance and risk management (E.g. CRISC, CGEIT etc.) can be an added advantage.
• Desired work experience may include + years in privacy and/or compliance-related risks management positions.

Consideration will also be given to other relevant fields such as business administration, information technology, etc, as long as the candidate can demonstrate relevance to the information security-based role.

Interested candidates can apply online or email your CV to [email protected]