We are seeking a highly motivated and experienced Data Privacy Specialist to join our team under the Cybersecurity department. The Data Privacy Specialist will be responsible for establishing and executing world-class Corporate-wide data governance to ensure all data assets are proactively and efficiently governed and managed across Tayseer Finance, to foster a data driven organization and promote data value realization in line with its strategic goals. This office also supports the organization to process personal data in a compliant manner, adequately protect personal data and remain transparent in the manner in which personal data is processed, whilst also ensuring it is compliant with global and local privacy laws and regulations e.g. GDPR and PDPL.

Skills

Duties & Responsibilities:

• Establish and govern an enterprise Data Privacy Compliance Program and Implementation Plan
• Establish and rollout an enterprise-wide data privacy framework and operating model, with a focus on areas processing high risk personal data and/or sensitive personal data
• Outline and support activities to comply with internal data privacy policies and procedures, in order to comply with relevant privacy and data protection regulations and industry best practices
• Provide Privacy guidance, training and promote greater privacy awareness across the organization. Educate staff on applicable data privacy regulations and law, internal privacy policies, procedures and best practices.
• Establish a record of personal data processing activities (RoPAs) and mapping. Create data flow maps to understand the lineage and lifecycle of high-risk personal data within the organization
• Work with Procurement and Third-Party Risk Management teams to ensure adequacy of assessment, evaluation and monitoring of third-party vendors that hand personal data, in terms of their data handling practices, security and contracts, to ensure they comply with privacy and data protection requirements
• Support incident response and breach management process. Work with information security teams to ensure adequacy of incident response plan to handle data breaches or privacy incidents effectively. Coordinate with internal stakeholders and regulatory authorities as required
• Support business areas and corporate functions in reviewing and updating all relevant Privacy Notices or statements where relevant
• Conduct internal privacy audits and assessments to identify gaps and areas for improvement. Recommend and implement corrective actions as needed

Education & Experience Requirements:

• Bachelor's degree in a relevant field (e.g. Computer Science, Information Systems, Law, or a related discipline).
• Proven experience in implementing personal data protection with a strong understanding of the relevant regulatory frameworks.
• It is preferable to have experience in risk issues or data security and protection.
• Familiarity with personal data protection systems and policies
• Knowledge of information security and protection (classification, and data privacy)