Discover your dream Career
For Recruiters

Senior Manager - Privacy & Protection (DPO) - Risk Management

D360 Bank Riyadh, Saudi Arabia
Posted 13 days ago Permanent Competitive
Senior Manager - Privacy & Protection (DPO) - Risk Management
Job Description

The Data Privacy Manager establishes the necessary Data Privacy Frameworks drive the data privacy programs over the organization's practices ensuring that the handling, management and processing of data adheres to privacy policies, standards and regulatory requirements.


• Oversee D360's RoPA register and ensure that all processing activities are captured.
• Oversee the data mapping exercise and quality check the data flows maps for accuracy.
• Provide inputs into suitable data retention requirements for personal data, and ensure retention periods are applied and followed across D360.
• Assess and validate security controls captured during the RoPA excise and ensure they maintain the confidentiality, integrity, and availability of personal data across the bank.
• Manage and oversee customer and employee consent requests and ensure they are fulfilled in line with the KSA PDPL.
• Ensure appropriate legal basis for processing personal data is recorded as part of the RoPA activity.
• Ensure compliance of cookies is maintained.
• Oversee Data Subject Requests and ensure they are resolved in line with KSA PDPL.
• Continuously review personal data breach management policies and monitor for personal data breaches to ensure associated risks are managed and notifications to the relevant regulator made.
• Development of a Data Privacy related Risk Appetite statement.
• Support and provide input on completing Data Privacy Impact Assessments (DPIA) for high risk processing activities.
• Monitor and maintain a third party list where personal data is being shared outside of D360.
• Review existing contracts with third parties to identify the involvement of personal data processing and ensure the data privacy clause is embedded in the contracts aligned with the applicable jurisdictional privacy regulations.
• Ensure that the contracts which involve the processing of personal data include provisions governing that processing and, where applicable, provisions ensuring appropriate safeguards when Personal Data is transferred out of any jurisdiction(s).
• Identify and drive mitigation plans for the privacy-related risks stemming from the use of third parties.
• Lead the data sharing mandate under NDMO for D360 and report directly to DPO on the initiatives, compliance with NDMO standard, awareness campaigns and risks associated with publishing open data.
• Conduct the Data Sharing training for every employee involved in the Data Sharing initiatives to ensure that they understand their obligations, responsibilities and the consequences of an unauthorized disclosure or mishandling of data.
• Develop and enforce a Data Sharing Process and Data Sharing Agreement
• Define and follow an Internal Data Sharing agreement template to be used when data is shared within D360.
• Review all ongoing Data Sharing agreements on a regular basis to accommodate for any changes.

• Enforce, incorporate, and comply with all necessary controls and related information security (EIS) policies, procedures, practices, training, reporting, personal due diligence and vigilance, within departmental/unit activities and operations.


Preferred Qualifications
  • A tertiary-level qualification from an internationally recognized institution
  • Industry-recognized certifications in CIPP, DAMA, CDPSE (Certified Data Privacy Solutions Engineer), or CGEIT (Certified Governance of Enterprise IT)

Years & Nature of Experience
  • Would have 8 to 10 years of equivalent experience in the data privacy management field.
  • As an individual contributor, would be the subject matter expert for a capability area or key process in their organization and would typically be the person to lead design work in their area
  • Has led technical process areas; excels at leading teams and worked effectively with other areas and stakeholders outside their function
  • If a manager of others has impacted team culture through their work
  • Has demonstrated ability to link technical contribution back to business impact for their team or area
  • Extensive Knowledge of KSA Personal Data Protection Law, particularly in consent, data subject rights, and sharing data across jurisdictions.
  • Experience in data mapping and classification to identify the types of data collected, processed, and shared.

Technical Competencies
  • Data Security and Protection
  • Data Architecture
  • Data Management
  • Data Engineering
  • Data Resiliency
  • Regulatory Compliance

Behavioural Competencies
  • Well-Spoken & Presentable
  • Adaptability
  • Analytical thinking
  • Complex Reasoning
  • Trust and Transparency

Key Interactions Internal
  • Information Security Function
  • Data Management Function
  • Risk Management Function
  • Compliance Function
  • IT Function
  • Legal Function
  • Internal Audit

Key Interactions External
  • Regulators (SAMA, NDMO, NCA, etc)
  • 3rd party service providers
  • External Auditors

About the Team

Embarking on a journey with the D360 Bank Risk Management team grants you a remarkable opportunity to steer our triumphs and fortify our future. As a valued member, you will assume a pivotal role in owning and orchestrating our enterprise-wide risk policy framework and strategies. Your expertise will encompass identifying, evaluating, and mitigating risks entwined with D360's diverse activities. Joining our esteemed risk management team means actively shaping the forefront of pioneering risk management techniques and state-of-the-art technologies. We firmly believe in embracing innovation to elevate our risk management prowess and fuel enduring progress.
Job ID  300000026347841
More Jobs From D360 Bank
Senior Manager - Operational Risk - Risk Management
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive
Director - Data Governance - Products
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive
Senior Associate - Regulatory Compliance
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive
Senior Software Engineer - iOS
D360 Bank
Riyadh, Saudi Arabia
4 days ago Full time Competitive
Technical Program Manager
D360 Bank
Riyadh, Saudi Arabia
10 days ago Full time Competitive
Senior DevOps Engineer
D360 Bank
Riyadh, Saudi Arabia
10 days ago Full time Competitive
Senior Associate - Site Reliability Engineer
D360 Bank
Riyadh, Saudi Arabia
1 month ago Full time Competitive
Associate - Banking Operations
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive
Senior Associate - Partnerships - Operations
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive
Senior Associate - Fraud Risk Investigation - Risk Management
D360 Bank
Riyadh, Saudi Arabia
2 months ago Full time Competitive

Boost your career

Find thousands of job opportunities by signing up to eFinancialCareers today.
Recommended Jobs
Hunter Bond
Senior Privacy and Data Protection Specialist
Hunter Bond
London, United Kingdom
ADIB - Abu Dhabi Islamic Bank
Data Protection Officer
ADIB - Abu Dhabi Islamic Bank
Abu Dhabi, United Arab Emirates
GIC Private Limited
Associate/AVP, Data Privacy & Protection
GIC Private Limited