وصف الوظيفة
Role Overview:
The Data Privacy Consultant will support the bank’s privacy initiatives in alignment with the Personal Data Protection Law (PDPL) and global privacy best practices. This role involves implementing privacy controls, conducting data classification exercises, and advising on compliance with internal policies and external regulations. The Consultant will work closely with cross-functional teams to embed privacy-by-design and ensure proper handling of personal and sensitive information.
Key Responsibilities:
- Act as a subject matter expert on data privacy and protection, particularly PDPL compliance.
- Support the implementation and maintenance of the bank’s data privacy program.
- Conduct data classification and mapping exercises across banking systems and departments.
- Utilize Data Loss Prevention (DLP) and privacy tools for monitoring, reporting, and incident handling.
- Perform privacy impact assessments (PIAs) and risk assessments on new and existing projects.
- Develop and maintain data privacy policies, standards, and procedures.
- Liaise with IT, legal, risk, and compliance teams to ensure privacy controls are aligned with security and regulatory requirements.
- Train employees on privacy awareness and policy adherence.
- Monitor and respond to privacy incidents or data breaches in coordination with cybersecurity and legal teams.
- Stay up to date with privacy laws, regulations, and industry trends and translate them into actionable internal policies.
متطلبات الوظيفة
Qualifications & Experience:
- Bachelor's degree in Information Security, Computer Science, Law, or a related field.
- 6+ years of total experience in Information Security or IT Governance.
- Minimum of 2 years hands-on experience in data privacy, with demonstrated knowledge of PDPL or similar regulations (e.g., GDPR, CCPA).
- Experience working in or with the banking/financial services sector is highly preferred.
- Proficient in the use of data privacy and protection tools such as Data Loss Prevention (DLP), data classification tools, or other privacy management platforms.
- Solid understanding of privacy risk management and governance frameworks.
Preferred Certifications:
- Certified Information Privacy Professional (CIPP/E, CIPP/M, or equivalent)
- Certified Information Privacy Manager (CIPM)
- Certified Information Security Manager (CISM)
- ISO/IEC 27701 Lead Implementer or similar
Core Competencies:
- Strong understanding of regulatory requirements, especially PDPL.
- Analytical thinking with a risk-based approach.
- Excellent written and verbal communication skills.
- High level of integrity and confidentiality.
- Ability to manage multiple stakeholders across business units.
- Project management and organizational skills.