Managing Privacy & Data Protection Compliance across the enterprise
Advising on legal requirements and best practice
Develop and maintain a knowledge base for privacy and data protection laws
Implement Data Protection Policy across the enterprise. Setup processes to monitor compliance. Provide organizational compliance and conformance reports on privacy and data protection to the CRO and top management.
Provide guidance to delivery and support functions on processing of personal data. Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps.
Maintain data flow maps
Undertake data protection and privacy compliance audits in accordance with applicable requirements
Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders
Development and update a comprehensive privacy awareness training program and promote awareness across the company
Knowledge of major data protection and privacy related acts across the globe
Hands on ISO27001 and other information security standards/practices
knowledge of information risk assessment and risk management
Ability to analyze legislative requirements and relate these to organizational policies and practices
Attitude to learning and development, a record of continuous professional development
Strong interpersonal skills. Ability to influence leadership team internally and clients externally
Understanding of technology controls related to Information Security
Graduate in any discipline Degree in Law will be desirable
Professional certifications related to privacy and information security preferred.