Bachelor’s degree in Law, Information Technology, Computer Science, or related field.

Minimum of 7–10 years of experience in Data Protection, IT GRC, Compliance, or Cybersecurity, preferably within financial services or regulated institutions.

Professional certification like CIPP/E, CDPO or CIPM from accredited issuing bodies.

Sound knowledge of the Nigeria Data Protection Act (NDPA 2023), NDPC Regulations, CBN IT Standards, and global Data Protection frameworks (e.g., GDPR).

Strong analytical, communication, and stakeholder management skills

Compliance & Governance

Responsible for developing, implementing, and monitoring adherence to Data Privacy policies, procedures, and controls, including NDPA 2023, CBN regulations, and NDPC directives

Ensures that all obligations are met with respect to lawful processing, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

Maintain and regularly update the Record of Processing Activities (RoPA) and oversee the NDPC Data Protection Compliance Audit.

Data Subject Rights & Requests Management

Coordinate and ensure timely, compliant responses to all Data Subject Access Requests (DSARs) and other individual rights requests.

Manage data subject rights requests- including access, rectification, erasure, restriction, objection, and portability within statutory timelines.

Develop and enforce the organisation's Data Protection Policy, Privacy Notice, Cookie Policy, Retention Policy, and all supporting privacy documentation.