Job Description

• Act as the primary point of contact within DataX for regulators, and any relevant public bodies on issues related to data protection, providing support as the DPO across SCBx
• Develop and review a Data Protection Management Programme (DPMP) that covers policy, processes, procedures, and people for the handling of personal data at each stage of the data lifecycle.
• Facilitating Privacy policy revises and updated as needed
• Maintain records of processing activities (RoPA) carried out by DataX
• Assisting with PIAs, LIAs and Privacy by design assessment
• Liaise between related parties and data subject regarding the data subject's rights
• Conduct privacy impact assessment during a change in process or technology that may process the personal data
• Coordinate with key stakeholders and ensure the completeness on test scenario prepatation, UAT, training, business verification and go-live readiness checking
• Coordinate the investigation of all personal data breaches; working with the business, IT, Information Security and others to swiftly address the issue, diagnose the cause and extent of the problem, develop remediation actions including managing communication with relevant impacted individuals and the supervisory authority
• Handle complaints and requests by institutions, the data controller and data subject Work with legal team to ensure completeness of third-party contract have required data privacy clause
• Coordinate, harmonize and present outcomes to relevant committee
• Enhance compliance processes based on an evaluation of gaps in business operations and data protection requirements, and clarify on ethically questionable situations at various stages of data or information life cycle
• Support and communicate information about data privacy.
• Creating and maintaining a knowledge management and template repository
• Devise training plans and provide data protection advice and support for members of staff.
• Promote a culture of data protection compliance across all units of the organization

Qualifications

• Bachelor’s or Master’s Degree in Law, Technology or related fields.
• Legal and technical expertise on data protection
• Have significant hands-on privacy experience and expert knowledge of data protection law and practice for the purposes of implementing PDPA mandates
• Ability to understand of all personal data processes and processing operations, IT systems and security needs within the organization
• Ability to communicate complex privacy-related concepts and requirements in simple terms, including being able to translate regulator recommendations into internal guidelines and other documentation
• Keep abreast of changes in law and technology that may change the threat landscape and, as a result, change DATAx's exposure to risk
• Experience in technology risk management and IT compliance is advantage
• Experience in deep technology about data analytic, data engineering, data modeling, machine learning, AI and cloud is advantage

Recruiter

Poranee