Data Protection Officer

REF: DPO/11/2020- DATA PROTECTION OFFICER

JOB SUMMARY

The role holder will be responsible for ensuring that the Group processes personal data of its staff, customers, providers or any other individuals (also referred to as data subjects) in compliance with the applicable data protection rules.

KEY RESPONSIBILITIES:

The Incumbent will report to the Group Head of compliance and will be responsible for:

Ensuring compliance with the Data Protection laws and policies of the Group
As the key point of contact with the regulatory Data Protection Authority, act as the public-facing function representing the interests of Data Subjects as well as supervise and advise on the response to such request.
Promoting privacy awareness at senior level, as well as ensuring all staff are trained and know their data protection responsibilities and obligations.
Ensuring Data Privacy Impact Assessments are undertaken in line with data privacy laws.
Driving implementation of essential elements of the DPA, such as the principles of data processing, data subjects’ rights, data protection by design and by default, records of processing activities, security of processing, and notification and communication of data breaches.
Maintaining data protection policies and procedures.
Overseeing the maintenance of records required to demonstrate data protection compliance.
Supporting data incident response and data breach notification procedures.
Providing updates on the Data Protection compliance programme to the Group Board and Risk Management Committee and/or those of relevant subsidiaries

QUALIFICATION AND COMPETENCE REQUIREMENTS

Law degree from an accredited law school required
Hold at least one Data Protection and/or Privacy certification
5 years’ experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
Experience in Data Privacy laws within the region and/or EU Data Privacy laws.
Experience in developing policy and compliance training.
Experience working in a financial and/or regulated industry.
Experience reviewing information systems related contracts
Have carried out at least one Data Protection Impact Assessment exercise
Well-developed, professional interpersonal skills; ability to interact effectively with people at all levels.
Ability to work unsupervised, exercise leadership, and influence change.
Excellent writing and presentation skills.
Strong change and project management skills, including the ability to manage time well, prioritize effectively, and handle multiple deadlines.
Demonstrated ability to undertake large, long-term projects, develop alternative methods to complete them, and implement solutions.
Ability to use independent judgment and discretion when making majority of decisions.
Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
Ability to handle confidential and sensitive information with the appropriate discretion and ethics.
Experience in managing data incidents and breaches.
Good understanding of data processing operations, including information systems, data security and data protection needs of an institution

If you believe you meet the above requirements log onto our website www.imbank.com and click on careers and apply for the position or forward your application to recruit@imbank.co.ke. Your application should reach us as soon as possible but not later than 12th December 2020.Please quote the reference number followed by the position applied for in the application.*all applications are subject to I&M Bank privacy notice available here.

Apply via :

recruit@imbank.co.ke