Are you passionate about safeguarding sensitive data and ensuring regulatory compliance We are seeking a dynamic Data Protection Lead to join our Data, Technology & Cyber Risk function and pioneer the Data Protection program across YTL Digital Bank.
Job Description
The Data Protection Lead will assist the Chief Information Security Officer to establish and maintain robust governance and oversight over data protection. In this role, you will play a pivotal role in shaping the way we handle, govern, and enhance our data assets, and comply with data protection laws and regulations.
Primary Responsibilities
- Assist with the development, review, update and/or implementation of data protection-related framework, policy, guideline and/or initiative(s) to facilitate effective risk management and governance over data risk and data protection.
- Review and assess the extent of compliance with internal policies, guidelines, data protection laws and regulatory requirements.
- Conduct Privacy Impact Assessments (PIAs) to ensure that Personally Identifiable Information (PII) is appropriately protected, and recommend mitigation actions to address vulnerabilities, if any.
- Advise Business Units and Functional Units to embed data privacy considerations and/or control measures into the design and implementation of new products, services and processes.
- Provide advisory, guidance and challenge to Business Units and Functional Units in their management of data risks to achieve their business objectives and within the organization's risk appetite.
- Investigate and report on incidents of data breaches or non-compliance, as required.
- Assist with the development and/or review of incident response procedures to address data breach incidents, including notification to internal stakeholders and relevant authorities, as required.
- Work with Senior Management and stakeholders to ensure that the organization has and maintains appropriate data privacy and confidentiality documentation.
- Work with Senior Management and stakeholders to ensure awareness of best practices relating to data privacy and data security, fostering data risk awareness and security-conscious culture.
- Coordinate with the Cyber Security and Technology teams to ensure alignment between cyber security and data privacy practices.
- Establish relevant Key Risk Indicators (KRIs) and metrics to monitor and measure data risk exposures.
- Prepare and present data risk reports to Senior Management and relevant committees, highlighting key findings, recommendations, trends and/or non-compliance with applicable data protection regulations.
- Respond to enquiries and audits (i.e. internal, external, regulatory and relevant authorities) pertaining to data protection.
- Provide regulatory compliance support, guidance and advice to Business Units and Functional Units regarding regulatory changes and updates, where relevant and required.
- Stay abreast of emerging technology trends, data protection laws, and regulatory developments to proactively address potential risks, and assist the Senior Management (and/or Board) understand potential concerns or risks that might impact the organization.
Qualifications
- Bachelor's degree in law, Information Technology, Data Science or a related field.
- Minimum of 12 years experience in any of these disciplines: data protection, information security, risk management or compliance in related areas.
- Professional certification such as CDPSE, CISSP, CISA, CISM or CRISC would be advantageous.
- Sound knowledge in regulatory requirements around technology risk (e.g. BNM's Risk Management in Technology, Guidelines on Data Management and MIS Framework) and data protection laws (e.g. PDPA).
- Knowledge of data management principles and concepts would be desirable.
- Possess strong verbal and written communication skills, and capable of engaging senior stakeholders.
- Clear analytical thought process and good understanding of emerging technological developments and risk management frameworks.
- Ability to work independently and manage multiple projects.
- Detail-oriented with a strong sense of ethics and integrity.
Interested candidates please submit your application through Jobstore
