Data Protection Specialist - DataX - September 12, 2022
Act as the primary point of contact within DataX for regulators, and any relevant public bodies on issues related to data protection, providing support as the DPO across SCBx
Develop and review a Data Protection Management Programme (DPMP) that covers policy, processes, procedures, and people for the handling of personal data at each stage of the data lifecycle.
Maintain records of processing activities (RoPA) carried out by DataX
Assisting with PIAs, LIAs and Privacy by design assessment
Liaise between related parties and data subject regarding the data subject's rights
Conduct privacy impact assessment during a change in process or technology that may process the personal data
Coordinate with key stakeholders and ensure the completeness on test scenario prepatation, UAT, training, business verification and go-live readiness checking
Coordinate the investigation of all personal data breaches; working with the business, IT, Information Security and others to swiftly address the issue, diagnose the cause and extent of the problem, develop remediation actions including managing communication with relevant impacted individuals and the supervisory authority
Handle complaints and requests by institutions, the data controller and data subject Work with legal team to ensure completeness of third-party contract have required data privacy clause
Coordinate, harmonize and present outcomes to relevant committee
Enhance compliance processes based on an evaluation of gaps in business operations and data protection requirements, and clarify on ethically questionable situations at various stages of data or information life cycle
Support and communicate information about data privacy.
Creating and maintaining a knowledge management and template repository
Devise training plans and provide data protection advice and support for members of staff.
Promote a culture of data protection compliance across all units of the organization
Bachelor’s or Master’s Degree in Law, Technology or related fields.
Legal and technical expertise on data protection
Have significant hands-on privacy experience and expert knowledge of data protection law and practice for the purposes of implementing PDPA mandates
Ability to understand of all personal data processes and processing operations, IT systems and security needs within the organization
Ability to communicate complex privacy-related concepts and requirements in simple terms, including being able to translate regulator recommendations into internal guidelines and other documentation
Keep abreast of changes in law and technology that may change the threat landscape and, as a result, change DATAx's exposure to risk
Experience in technology risk management and IT compliance is advantage
Experience in deep technology about data analytic, data engineering, data modeling, machine learning, AI and cloud is advantage