Position: Data Protection Officer
Location: Nairobi
REF: DPO/11/2020
Job Description
The role holder will be responsible for ensuring that the Group processes personal data of its staff, customers, providers or any other individuals (also referred to as data subjects) in compliance with the applicable data protection rules.
Responsibilities
The Incumbent will
report to the Group Head of compliance and will be responsible for:
- Ensuring compliance with the Data Protection laws
and policies of the Group
- As the key point of contact with the regulatory
Data Protection Authority, act as the public-facing function representing
the interests of Data Subjects as well as supervise and advise on the
response to such request.
- Promoting privacy awareness at senior level, as
well as ensuring all staff are trained and know their data protection
responsibilities and obligations.
- Ensuring Data Privacy Impact Assessments are
undertaken in line with data privacy laws.
- Driving implementation of essential elements of
the DPA, such as the principles of data processing, data subjects’ rights,
data protection by design and by default, records of processing
activities, security of processing, and notification and communication of
data breaches.
- Maintaining data protection policies and
procedures.
- Overseeing the maintenance of records required to
demonstrate data protection compliance.
- Supporting data incident response and data breach
notification procedures.
- Providing updates on the Data Protection
compliance programme to the Group Board and Risk Management Committee
and/or those of relevant subsidiaries
Qualifications
- Law degree from an accredited law school required
- Hold at least one Data Protection and/or Privacy
certification
- 5 years’ experience within a compliance, legal,
audit and/or risk function, with recent experience in privacy compliance.
- Experience in Data Privacy laws within the region
and/or EU Data Privacy laws.
- Experience in developing policy and compliance
training.
- Experience working in a financial and/or regulated
industry.
- Experience reviewing information systems related
contracts
- Have carried out at least one Data Protection
Impact Assessment exercise
- Well-developed, professional interpersonal skills;
ability to interact effectively with people at all levels.
- Ability to work unsupervised, exercise leadership,
and influence change.
- Excellent writing and presentation skills.
- Strong change and project management skills,
including the ability to manage time well, prioritize effectively, and
handle multiple deadlines.
- Demonstrated ability to undertake large, long-term
projects, develop alternative methods to complete them, and implement
solutions.
- Ability to use independent judgment and discretion
when making majority of decisions.
- Detail-oriented approach needed to recommend and
implement strategic improvements on a range of data privacy and data
protection issues.
- Ability to handle confidential and sensitive
information with the appropriate discretion and ethics.
- Experience in managing data incidents and
breaches.
- Good understanding of data processing operations,
including information systems, data security and data protection needs of
an institution
How to Apply
If you believe you meet
the above requirements click here to apply for
the position or forward your application to recruit@imbank.co.ke. Your application
should reach us as soon as possible but not later than 12th December
2020.
Please quote reference number followed by the position applied for in the
application.
Please quote the reference
number followed by the position applied for in the application.