Data privacy officer

Serve as the main point of contact within the Bank for staff members, regulators, and relevant authorities on issues related to data privacy and protection.Ensure that Bank’s policies and procedures are in compliance with codes of practice including QCB and PDPPL.Evaluate the existing data privacy and protection governance framework to identify areas of no or partial compliance, and rectify any issues.Devise training plans and provide data privacy advice to staff members.Promote a culture of data privacy and compliance across all units of the organization.Key Accountabilities Provide expert advice, advising business units on matters pertaining to data privacy and its protection.Educate and raise awareness among employees on data privacy and protection compliance requirements, including data management, classification, handling, cataloguing, mapping, stewardship, backup, retention, disaster recovery, etc.Draft and amend the Bank’s data privacy policies, notices, guidelines, application forms, and procedures in consultation with key stakeholders to ensure compliance with data privacy and protection regulations.Coordinate with relevant teams for disaster recovery and business continuity planning, including communication plans with QCB.Deliver training across all business units to staff involved in data handling or processing.Establish consent and rights management in coordination with stakeholders.Assess and monitor changes in the legal and regulatory landscape of foreign jurisdictions and report significant findings to management and QCB.Assess the Bank’s compliance with data privacy and protection laws and regulations.Evaluate contractual and controls efficiency with third parties involved in data privacy handling.Maintain records of all data processing activities and oversee DPIAs.Serve as the point of contact with data privacy regulators and liaise on data privacy matters.Respond to customer inquiries, complaints, and breaches, coordinating with internal stakeholders and reporting as necessary.Report on the Bank’s data privacy activities and compliance status to the CEO and relevant committees.Qualifications & Experience7+ years of experience in data privacy, protection, cybersecurity compliance, or related fields.Expertise in data privacy laws and practices, including GDPR, QCB, and PDPPL.Good knowledge in legal, audit, Info Sec, or risk management roles.Strong communication and interpersonal skills.Ability to work effectively under pressure and handle sensitive, confidential information.Relevant certifications such as CIPP or CISSP.#J-18808-Ljbffr