Data Privacy Specialist

Personal Data Protection:

• Develop and maintain the implementation of Personal Data Protection policies, procedures and processes in alignment with the national Personal Data Protection laws and regulations

• Serve as the point of contact between SANS and the relevant regulator authorities for handling personal data privacy-related complaints and requests.

• Oversee records of all personal data processing activities and coordinate the investigation of data breaches.

• Coordinate with Cybersecurity on the relevant programs that implements controls to isolate, detect, and protect against the risks of personal data

• Ensure personal data protection controls are in place within all SANS third-party contracts and personal data protection controls are shared with external vendors

• Review and update the contracts and the service and operation level agreements in accordance with the privacy policies and procedures approved by SANS

• Ensures that processes around providing consumers with notices and consents are maintained and adhered to

• Review and handle data subjects’ requests related to the processing of their personal data

• Inform, advise, and train the organization and employees on their obligations under personal data protection law requirements

• Support with launching an awareness programs to promote a culture of privacy and to raise awareness pursuant to the privacy policies and procedures approved by SANS

• Work with Data Governance and Compliance Specialist to conduct compliance audits, and recommend corrective actions when needed

• conduct impact assessment and risk assessments of the operation and use of its information systems containing personal data, including the collection and processing of personal data, and the storing and transmittal of personal data by each system - whether automated or manual.

• conduct incident review and response to data breach formulating corrective actions in aligment with national regulations

• Promote effective collaboration and communication with internal team members and maintain cross departmental alignment to ensure synergy and coherence.

Policies, Processes and Procedures:

• Conduct day-to-day activities while ensuring compliance with policies and procedures

• Contribute to the identification of opportunities for continuous improvement of systems, processes considering leading practices, changes in the business environment, cost reduction, and productivity improvement

Knowledge and Experience:

• Minimum of 6 years of relevant experience in data protection, privacy, or compliance roles.

• Experience in risks or data security and protection is preferred

• Familiarity with personal data protection regulations and policies

• Knowledge in information security and protection (classification, data privacy

• In-depth knowledge of data protection laws and regulations.

Education and Certifications:

• Bachelor’s degree in Information Management, Computer Science, Software Engineering or in related fields

• Certified Information Privacy Professional (CIPP) or Certified Information Privacy Technologist (CIPT) preferred.