Data Security Manager

Lucidya stands as a prominent B2B SaaS enterprise dedicated to empowering brands throughout the MENA region by enhancing customer relationships via AI-driven customer experience analytics.

As we continue to expand, we are eager to onboard a Compliance Manager who will take charge of establishing and managing our compliance and risk management strategies. This critical position will be foundational in developing and executing policies and procedures that guarantee regulatory adherence while effectively mitigating risks. The Compliance Manager will report directly to the Director of Strategy & Performance and will work collaboratively with various teams within the organization to uphold and enhance compliance standards.

Key Responsibilities:

• Risk Assessment: Proactively identify and evaluate compliance risks across all organizational levels, regularly conducting risk assessments to prevent potential challenges.
• Compliance Monitoring: Monitor compliance patterns, generate ongoing status reports, and ensure adherence to both internal policies and external regulations.
• Policy Development & Implementation: Formulate, review, and revise policies to align with established regulations (such as GDPR and ISO standards), ensuring clear communication and enforcement throughout every department.
• Training & Awareness: Manage compliance training initiatives, ensuring employees are updated on relevant compliance requirements while tracking their participation.
• Auditing & Reporting: Execute routine audits, document findings, and resolve compliance issues promptly. Collaborate with internal and external auditors for comprehensive evaluations.
• Issue Resolution & Advisory Support: Respond to compliance risks or violations, provide management with improvement recommendations, and keep stakeholders updated with the latest compliance developments.
• Business Continuity: Design and implement business continuity strategies, including executing a Business Impact Analysis (BIA) to bolster company resilience against disruptions.

90-120 Day Expectations:

• 90 Days:
  • Attain a thorough understanding of the company's operations and structure.
  • Commence the implementation of the compliance program by conducting risk assessments and identifying key areas of concern.
  • Begin the development and refinement of essential compliance policies and procedures in accordance with global regulatory standards.
  • Engage with departments to understand their operations, pinpoint compliance risks, and kick-start audits.
• 120 Days:
  • Perform a complete compliance and risk audit across major departments to ensure alignment with updated policies.
  • Launch compliance training initiatives and track their progress within the organization.
  • Establish a robust compliance status reporting framework, ensuring stakeholders receive regular updates.
  • Finalize the Business Continuity Plan, integrating a BIA to enhance preparedness for potential disruptions.
  • Review and refine internal processes, ensuring that compliance is seamlessly integrated into ongoing company operations.

Key Performance Indicators:

• Count of completed risk assessments and audits.
• Percentage of departments and projects audited for compliance.
• Number of new policies established and enacted.
• Ratio of resolved compliance issues within Service Level Agreements (SLAs).
• Total number of compliance training sessions conducted.
• Quality and timeliness of compliance reports provided to stakeholders.

Challenges:

• Understanding Organizational Functions: Rapidly gaining an intricate understanding of diverse departmental operations is a considerable challenge; each function varies, requiring detailed investigation to effectively identify risks. Building strong relationships with department heads and effectively communicating the purpose of compliance assessments is crucial for securing cooperation.
• Establishing a New Compliance Framework: As this function is newly established, creating a comprehensive compliance and risk management framework presents its own set of challenges. The role calls for implementing monitoring systems, forming policies, and ensuring compliance is infused into daily activities. Proactively identifying and optimizing areas for improvement is essential.

Qualifications & Skills:

• Required:
  • A minimum of 2 years of targeted experience in compliance and risk management.
  • Proven experience in auditing and managing incidents within a corporate setting.
  • Exceptional documentation skills with the ability to produce detailed compliance reports.
  • Certification in auditing (e.g., ISO certifications such as ISO 9001 and ISO 27001).
  • Familiarity with technological regulations like GDPR, ISO standards, and compliance requirements.
  • Expertise in designing and conducting compliance training programs.
  • Knowledge of global regulatory frameworks and business continuity strategies.
  • A curious, investigative mindset complemented by strong communication capabilities.
• Preferred:
  • Experience in Initial Public Offerings (IPOs) or with public enterprises.
  • Knowledge of Environmental, Social, and Governance (ESG) principles.
  • Proficiency in the Arabic language.
  • Experience within the technology sector, particularly in SaaS or B2B environments.