Manager Data Privacy and Protection (UAEN)

Job Purpose

The Manager of Data Privacy and Protection is responsible for conducting privacy risk assessments, facilitating privacy impact assessments, and overseeing data protection initiatives. This role involves working with stakeholders to implement privacy controls, maintain regulatory compliance, and develop privacy training programs. The position includes oversight of security measures to protect organizational data and collaboration with technical teams to integrate security across IT infrastructure.

Key Responsibilities

1. Data Privacy Governance
   

• Develop and implement privacy programs, policies, and procedures
  
• Update and maintain privacy policies for customers and employees
  
• Monitor privacy program compliance
  
• Establish privacy consent procedures and information notices
  
• Coordinate with cross-functional teams for enterprise-wide privacy coverage
  
• Manage third-party supplier privacy requirements
  
• Lead privacy-related emergency response
  
• Handle regulatory communications and data subject requests
  

2. Privacy Impact Assessments
   

• Conduct privacy vulnerability assessments
  
• Manage internal reporting for data processing activities
  
• Develop and improve privacy impact assessment processes
  
• Perform regular compliance assessments
  

3. Compliance Monitoring
   

• Ensure business units and third parties follow privacy programs
  
• Develop corrective action plans for compliance issues
  
• Monitor privacy controls and risk indicators
  
• Conduct compliance reporting for partners and service providers
  
• Report findings to Board members
  

4. Data Management
   

• Maintain personal data inventory and processing registry
  
• Develop data collection and sharing processes
  
• Advise on cross-border data transfers
  
• Implement data retention and deletion programs
  

5. Technology Integration
   

• Advise CIO and CISO on privacy matters
  
• Align security practices with privacy requirements
  
• Address privacy concerns in emerging technologies
  
• Coordinate data breach response
  
• Implement privacy controls in business processes
  

6. Data Protection
   

• Design security architectures for data protection
  
• Secure database configurations
  
• Implement encryption, masking, and tokenization
  
• Coordinate vulnerability assessments
  
• Monitor security events and manage breach responses
  

Qualifications and Experience

• 10+ years of information security experience
  
• 3+ years of enterprise project management experience
  
• Strong knowledge of information and cyber security domains
  
• Experience in banking/financial services environment
  
• Expertise in security frameworks (ISO27001, NIST, PCI-DSS, SWIFT CSP, COBIT)
  
• Master's degree in IT/Information Security
  
• Professional certifications: CISA, CISSP, PCI-QSA, SABSA
  
• Strong analytical and technical skills
  
• Experience in GRC (Governance, Risk, and Compliance)
  
• Knowledge of advanced technology stacks and risk assessment