Data Privacy Senior Manager

Job Title: Data Privacy Senior Manager

Group: Risk Management

The role holder is designated DPO for all data controllers within Saudi Arabia and is responsible for carrying out the tasks prescribed by country specific data privacy laws, including:

Responsibilities:

• Informing and advising the business and its employees of their compliance obligations specific to data privacy laws.
• Supporting the deployment of deep subject matter expertise around Data risk and Data privacy within the bank and its subsidiaries
• Monitoring compliance with country specific data privacy laws and with any other data privacy provisions relating to the protection of personal data, including the assignment of responsibilities, awareness-raising and staff training, and the related audits.
• Reviewing and advising on Data Protection Impact Assessments (DPIAs) and monitoring performance of mitigations, where necessary;
• Cooperating with the regulatory authority;
• Acting as the contact point internally and externally with data subjects and the regulatory authority; and reporting on risk and control profile, including impacts of external environment changes, emerging risks and changes to the business strategy.
• Advising on, and providing the business with support, to ensure the necessary safeguards are in place to deliver compliance with requirements for international data transfers by identifying all circumstances in which personal data is transferred outside of the relevant jurisdiction.
• Be point of contact for Operational and Resilience Risk for the SAB Business and Functions.
• Support and drive in-country Resilience Risk initiatives for Data risk and Data privacy within SAB and its subsidiaries
• Providing advice, guidance and challenge to senior businesses, functions and entity management in country.
• Supporting development and oversight of effective implementation of the SABs Data risk and Data privacy framework across the bank .
• Providing guidance and support with policy writing, owning and monitoring compliance with a comprehensive set of clear and concise policies that outline the key principles and minimum requirements applicable to the management of Data risk and Data privacy within SAB and its subsidiaries.
• Engaging with risk owners, control owners and risk stewards to ensure Data risk and Data privacy are managed in accordance to policy.
• Overseeing compliance, for example, through the Risk and Control Assessment process, Top Risk Assessments and Incident Management process for data risk and data privacy.
• Supporting with defining the risk and control library, including minimum control standards, with input from Risk Owners, Business Service and Control Owners, specifying key risks and key controls.
• Recommending RCA scoping for controls and challenge where this is not appropriately applied in the RCA for data risk and data privacy within SAB and its subsidiaries
• Driving appropriate governance for Data risk and Data privacy within SAB and its subsidiaries across key stakeholders and senior control owners

Requirements & Qualifications

• Over 5 - 10 years of Banking Operation experience with thorough understanding of banking activities, products, processes and systems with its associated data, Prior role/responsibility of managing data management preferred.
• Bachelors or Masters degree in any relevant major.
• Written and spoken English is essential, Arabic is preferred