Data Privacy Analyst/ Senior Analyst (Info Sec)

Functional Objectives:

• Support the preparation and the implementation of the data security governance program
• Ensure data security governance requirements are reviewed and implemented at different data lifecycle.
• Ensure that data leakage solutions include data security governance requirements.
• Support and maintain data security safeguards /countermeasures.
• Respond to data privacy incidents and breaches.
• Coordinates suitable data security awareness program with ADIB Egypt internal communication through multiple awareness activities as well as ADIB client awareness with ADIB Egypt Marketing.
• Support the procedures to implement information asset classification and handling for ADIB Egypt
• Ensure Data flows are in place for applications and processes.
• Monitor data privacy trends and emerging issues.
• Ensure data governance is part of multiple business channels governance for example and not limited to third party processes, operations, ATMs, channels such SWIFT
• Support maintaining tracking map for the lifecycle of data as per the process to ensure that controls are in place and not only the technology level but people, processes, and technology.

Regulatory and statutory requirements:

• Ensure regulatory and best practices guidelines are embedded in the business process and technology.
• Liaison with ADIB Egypt business to assess business process, operations, products development and engagements by ensuring alignments of business needs with security activities plus emerging security risks and control technologies requirements.
• Utilize deep business knowledge and in-depth technical expertise to ensure that ADIB Egypt’s business systems processes meet the needs of the end users.

Risk identification, classification, assessment and evaluation:

• Plan and monitor data security assessments to determine whether information systems are protected, and controlled. Collect information and review documentation to ensure that risks are identified and evaluated.
• Tracking of data assessment finding and integrate with the risk management and monitoring process
• Develop and monitor a risk register to ensure that all identifies risks highlighted with related accountability, monitor existing risk to ensure that changes are identified and managed appropriately.

Risk and control monitoring:

• Monitor key risk indicators (KPIs) to monitor and communicate their status to relevant stakeholders
• Identify the gap between current and desired risk levels to manage risk, evaluate information security controls to determine whether they are appropriately and effectively mitigating the risk to defined acceptable level.
• Monitor and communicate key risk indicators (KPIs) and management activities to assist relevant stakeholders in their decision –making process.
• Facilitate independent risk assessments and risk management process review to ensure that they are performed efficiently and effectively.

Minimum Qualifications:

• Education: BSC in communication engineering, computer science or information systems.
• Strong understanding of data privacy laws and regulations.
• Knowledge of data protection best practices,data privacy audits.
• Knowledge of providing training on data privacy topics.
• Ability to respond to data privacy incidents and breach.

Generic Skills:

• Planning and time management skills
• Team building communication skills
• Creativity thinking
• Dynamic, continuous improvements and learning and crisis management
• Documentation and organization
• Problem solving, conflict solving

Job Specific Skills:

• Information security Background.
• Data Governance
• Customer facing experience
• Regularity knowledge (CBE, PCI, Basel…)
• Financial industry knowledge