Business Analyst - Data Privacy

We are hiring a Business Analyst with strong knowledge of data privacy regulations to support a top-tier banking client in Saudi Arabia. The ideal candidate will work closely with cross-functional teams to ensure compliance with the Saudi Personal Data Protection Law (PDPL) and other applicable regulations such as SAMA guidelines.

This is a key role in driving privacy-by-design, embedding privacy controls in digital and operational processes, and aligning data handling practices with both local and international standards.

Key Responsibilities:

• Elicit and document business and privacy requirements related to customer and employee data
• Map data flows and data lifecycle processes across systems, vendors, and departments
• Collaborate with legal, compliance, IT, and business units to ensure PDPL requirements are understood and implemented
• Support the preparation and execution of Data Protection Impact Assessments (DPIAs)
• Help develop and maintain internal data privacy policies, consent mechanisms, and data classification schemes
• Provide business input during audits, regulatory reviews, or internal risk assessments
• Support initiatives to align data handling with SAMA Cybersecurity Framework and data privacy obligations
• Ensure system and process designs incorporate privacy-by-design and default principles
• Participate in project delivery life cycles (Agile/Waterfall) as a privacy-focused business analyst

Requirements

Must-Have:

• 3–5 years of experience as a Business Analyst in the banking or financial services industry
• Solid understanding of Saudi PDPL and general data privacy principles
• Experience working with compliance/legal teams on regulatory projects
• Proficient in documenting business processes, data flows, and control requirements
• Fluent in English; Arabic language proficiency is highly preferred or required
• Strong stakeholder communication and coordination skills