Deputy Manager, Data Protection Compliance in Risk and Compliance Division

Qualifications

• Bachelor’s degree in Law, IT, Business, or related field
  
• Membership of good standing in relevant professional association/ Institute.
  
• Professional certifications such as CIPP/E, CIPM, or equivalent privacy qualification is an added advantage.
  

Work Experience

• Minimum 5 years' experience in data protection, privacy compliance, or related risk roles in an organization of similar size and complexity.
  

• Maintain, and monitor the bank’s Privacy & Data Protection Framework, policies and standards.
  
• Maintain records of processing activities and lawful basis inventory across departments and the Bank as a whole.
  
• Provide advisory on privacy-by-design for new products, digital channels and new technology implementations.
  
• Conduct Data Privacy Impact Assessments as required.
  
• Coordinate data protection inquiries, breach notifications, and inspections.
  
• Co-lead incident response for data protection incidents.
  
• Coordinate post incident root cause analysis and lessons learned to enhance controls.
  
• Embed privacy in third party risk management.
  
• Design and deliver role-based privacy and data awareness training.
  
• Oversee retention and disposal aligned to legal, regulations, and business needs and work with IT and Records Management to operationalize deletion and archive controls.
  
• Plan and execute privacy control testing, thematic reviews, and supplier audits.
  
• Track remediation and report control maturity and risk posture.
  
• Prepare data protection compliance reports and dashboards.