Data Privacy Officer

About the Role

Data Privacy Officer team is committed to ensuring that all of our customers’ data is protected and that our work complies with data protection legislation. We’re seeking a data privacy officer to help improve our management of potentially sensitive information, conduct regular internal security audits, and serve as the main point of contact between our company and data protection authorities.

The ideal candidate will have excellent organizational, communication, and management skills, along with an ability to lead training sessions and workshops for staff members. In this role, the data privacy officer will often be asked to independently communicate with all relevant employees to promote data protection compliance within the organization.

Work Responsibilities

• Serve as the main point of contact within the organization for staff members, regulators, and relevant public authorities on issues related to data protection.
• Ensure that company policies are in compliance with codes of practice such as GDPR, PDP Law, Ministry of Communication and Informatics Regulation on Personal Data)(Collectively referred to as “Laws and Regulation related to PDP”).
• Evaluate the existing data protection governance framework to identify areas of no or partial compliance, and rectify any issues as well as provide gap analysis between newly enacted Laws and Regulations related to PDP and Bank’s internal policy and procedure.
• Devise training plans and provide data protection advice to staff members
• Inform and advise the data controller or data processor on all matters related to data protection.
• Promote a culture of data protection and compliance across all units of the organization.
• Provide expert advice and educate employees on important data compliance requirements
• Draft new and amend existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders
• Deliver training across all business units to staff members who are involved in data handling or processing
• Conduct audits to ensure compliance and to address potential issues
• Maintain records of all data processing activities of the company
• Serve as a point of contact for law enforcement requests on personal data as well as data protection authorities

Job Requirements

• At least 5 years of experience in data protection compliance or related fields. Preferably a combination between tech company and law firm with experienced in technology practice group (TMT)
• Graduated from a reputable university preferably majoring in law
• Expertise in data protection laws and practices, including deep understanding of Laws and Regulation related to PDP 
• Additional certification related to personal data protection is an added point
• Experience in a legal, audit, or risk management role 
• Strong project management skills
• Ability to work effectively under pressure and to manage sensitive and confidential information
• Excellent verbal and written communication skills, with strong attention to detail

Leadership Competency

Individual Contributor