Job Purpose: The Specialist II, Data Privacy & Governance, is responsible for implementing, monitoring, and maintaining the organization’s data privacy and governance frameworks. This role ensures that all personal, sensitive, and business data is collected, processed, classified, stored, and shared in compliance with applicable privacy laws, regulatory requirements, and internal policies.
Principal Accountabilities: Data Privacy Compliance: Support the development and implementation of the organization’s privacy policies, procedures, and controls. Ensure compliance with internal policies and with national and international standards and regulations (e.g., GDPR, NDMO, PDPL, or other relevant laws). Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) for new projects, systems, and vendors. Monitor and report on privacy compliance metrics and issues.
Data Governance: Participate in defining data governance frameworks, including data classification, ownership, and stewardship models. Supervise the detection of deviations from established security policies, procedures, and role mappings, analyse findings, and report discrepancies to management for timely remediation. Maintain and update the Record of Processing Activities (RoPA) to ensure accurate data mapping and inventory. Collaborate with IT, Legal, and Business Units to ensure data integrity, consistency, and quality. Supervise and monitor IT environments and related functions to ensure compliance with organizational policies and regulatory requirements. Develop and maintain documentation such as privacy notices, consent forms, data transfer agreements, and data retention schedules. Conduct and support Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new projects, systems, and vendors. Implement and monitor data governance principles such as data classification, metadata management, data quality, and data lineage. Work with data stewards across departments to improve data accuracy, consistency, and completeness. Supervise and prepare plans and ensure the completion of deliverables related to Findings as required. Supervise and assign tasks and issues related to Findings / Observations from Control Functions as required, and monitor them to ensure progress and timely completion. Identify and evaluate risks related to personal data processing, access, and sharing. Support the incident response process for data breaches or privacy violations — including investigation, root cause analysis, and mitigation. Develop and monitor privacy and governance Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs). Supervise and track all IT and Security related audits, including scope of audits, timelines, and outcomes. Maintain up-to-date knowledge of relevant laws, regulations, and industry standards, and communicate changes to stakeholders.
Support the creation of governance policies, procedures, guidelines, and SOPs. Collaborate with various departments to implement and maintain governance frameworks. Participate in internal and external assessments to ensure continual improvement of governance and compliance initiatives. Review and validate the user access review for IT financial systems. Prepare documentation and evidence for internal and external audits for NCA, ISO, PDPL, NDMO, SDAIA. Ensure incident handling aligns with policies and procedures. Support security awareness and policy training programs for IT and business units. Provide compliance guidance to application owners, system admins, and stakeholders. Perform regular control and risk management and gap analysis on IT and cybersecurity controls.
Miscellaneous Duties: Perform additional tasks as required to support team objectives and broader business goals.
Requirements: 3–5 years of relevant experience. Preferred: Certifications in Risk and Information Systems Control. ISO/IEC 27001 Lead Implementer Auditor.