VP - Data Privacy

  • Full-time
  • Sub Division: Data Analytics and Artificial Intelligence
  • Division: GCOO

Company Description

Join the UAE’s largest bank and one of the world’s largest and safest financial institutions. Our focus is to create value for our employees, customers, shareholders and communities to grow through differentiation, agility and innovation. We are looking for top talent and your success is our success. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark a top company, in an exciting & dynamic industry. 

Job Description

Job Purpose

The Data Protection Officer, UAE (DPO) shall report to the Head of Data Governance  and will be responsible for all compliance aspects related to Data Privacy. This will include:

    • All DPO responsibilities under Federal Law for Personal Data Protection and applicable provisions of GDPR
    • Data Management and Protection responsibilities for Central Bank UAE regulations and in particular Consumer Protection Regulation
    • Co-ordinating All First Line of Defence (FLOD) response to Data Privacy
    • Policy and Procedure Updates
    • Training Business Units in applicable regulatory requirements, developments and integration into Bank Policy and procedural design
    • Consulting for various Business Units in the course their First of Line Defence responsibilities and co-ordinating with Second Line of Defence for reviews / reporting

Key Accountabilities

  • Ensuring Compliance with laws relation to Data Privacy
  • Enable Business Units to Implement and execute agreed action for compliance with Data Privacy
  • Consent Management – procedural and system implementation
  • Meet requirements of Data Privacy Policy , particularly Privacy by Design in all new initiatives
  • Ensuring Business Units complete Data Privacy Risk / Impact Assessments
  • Applicable Meet project deliverables and provide compliance assurance with standards such as GDPR, PDPO(HK), PDPA(SG), CSF(KWT) and Consumer Protection Regulations (UAE).
  • Serve as representative for Data Privacy for all International Jurisdictions and co-ordinate their efforts for Compliance
  • Maintain liaison with Data Protection Authority, Group Legal and Compliance departments and Second Line of Defence
  • Meet requirements of GSO Team reg Design of TRAs, Architecture Review Boards 
  • Meet requirement of Privacy by Design in all new Technology Initiatives in respect of Stakeholders
  • Assist Head of data Governance, Chief Data Officer with Strategic meetings of relevant Committees relating to Data Privacy
  • Implement Governance Frameworks, design of Data Privacy Strategy, and Operational Plans
  • Provide Subject matter expertise on data privacy program implementation to FLOD
  • Maintain Register of Processing activities, Privacy Notices
  • Drive implementation privacy governance framework to effectively protect data use in compliance with the data privacy regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews;
  • Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on data privacy impact assessments;
  • Serve as the primary point of contact and liaison for the [Lead Supervisory Authority] and other EEA Data Protection Authorities on all data protection related matters under the GDPR;
  • Serve as the primary point of contact for queries in the business at Region level;
  • Review vendor contracts (including Model Clauses) and consents needed to implement projects in partnership with the firm’s Procurement and Information Security functions, and ensuring filing requirements with local regulators are achieved; 
  • Maintain data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests.

Qualifications

Essential

  • Master’s degree preferred in relevant fields such as Law, Technology or Management
  • Experience of working in Data Privacy for atleast 3 years
  • Overall experience of atleast 15 years in data governance, information security or related law fields or Technology or Operations in a sufficiently senior capacity
  • Experience of atleast 2 years in regulator liaision
  • CIPP/E Certification

Desirable

  • Previous experience in preferably in banking and financial industry of various banking technology or operations of atleast 15 years  
  • Qualifications in Information Security such as CISA or Data Privacy such as CIPM  or Law related qualifications
  • Knowledge in using privacy tools

Other requirements

  • Strong knowledge of MS Office
  • Excellent written, verbal and oral communication skills
  • Ability to Influence Stakeholders, conduct workshops on Data Privacy, multi-task and meet competing deadlines
  • Ability to analyse events, identifying root cause and prepare recommendations for optimum resolutions according to approved policy and practice.
  • Excellent interpersonal and organizational skills, effective time management, and the ability to shift priorities working within established timelines
  • Demonstrates initiative (learn processes and procedures, various benefits) and displays self-motivation to grasp new concepts quickly
  • Ability of paying attention to detail as well as contributing to Data Privacy Strategy

Additional Information

#LI-KS1

Privacy PolicyImprint