Title:  Manager, Data Protection Office

Job Responsibilities

• Ensure implementation of company’s data protection framework and program which include policies, procedures and processes.
• Monitor compliance with relevant data protection laws and regulations, ensure business units’ adherence to data protection policies, procedures and processes, conduct audits and reports on data incidents.
• Identify and implement controls to align business operations with data protection requirements.
• Conduct Data Protection Impact Assessments (DPIAs) to assist internal stakeholder in risks or gaps mitigation to achieve regulatory compliance.
• Interface with various stakeholders to provide real time advisory on data protection and innovation matters or enquiries.
• Conduct trainings on data protection regulations, guidelines and to review into data protection related contractual obligations (alongside the Legal team).
• Provide assistance on data access and correction requests to various business units.
• Other duties include monitoring changes to the data protection landscape, annual internal review of processes, maintaining quality assurance of documentation to ensure accountability under relevant data protection laws and regulations.

Job Requirements

• University degree
• IT security, compliance, enterprise risk, audit or related background is an advantage
• Minimum 3 years of regulatory compliance experience covering personal data protection or PDPA
• CIPP/CIPM/CIPT or other relevant certification is an added advantage
• Comfortable working with multiple stakeholders, to influence and drive projects
• Self-driven, motivated with business-oriented mindset to deliver solutions and results
• Good negotiation and communication skills, which is essential to foster a strong data protection culture throughout the Company and to maintain and enhance stakeholders’ trust.