Data Privacy Manager / Analyst
Job Duties
- Review the data governance and management framework and update it as required
- Design, oversee, and improve privacy management programme controls
- Review processes and procedures, ensure the data governance and management framework is followed, and assess the adequacy of data privacy controls
- Conduct sample checking on data privacy controls to ensure they are effective
- Recommend how to strengthen data privacy controls
- Conduct a review of the data privacy-related documents
- Perform data classifications based on data definitions in data dictionaries
- Review business justifications for data retention periods and ensure data housekeeping is in place
- Conduct data privacy risk assessment and propose mitigations
- Perform privacy impact assessment on change requests and implement the required changes (e.g., whether the privacy policy and / or the personal information collection statement require changes)
- Support reporting and management of data privacy incidents by preparing data breach incident reports and drafting data breach notification form
- Incorporate lessons learned from data breach incidents to enhance data privacy controls
- Collaborate with auditors to complete privacy impact assessment and privacy compliance audit and ensure the findings and recommendations are implemented
- Assist in the Privacy Commissioner’s investigation and / or inspection (if applicable), and ensure the findings, recommendations, and enforcement notice are implemented
- Review and follow up complaints / complaints or reports of infringement of personal data privacy rights (if any)
- Keep up to date on applicable regulatory requirements, assess and implement all changes needed for fulfilling the requirements
- Support development teams to design and implement data governance tools (e.g., master data management tool for data lineage and data quality)
- Propose agenda, prepare meeting materials, conduct meetings to engage data stakeholders, and follow up action items
- Design training plan, develop training materials, and deliver training to data stakeholders; and improve data privacy training based on the feedback from data stakeholders
Education / Qualification
University degree holder or aboveSkills / Knowledge
Proven track record in designing, operating, maintaining, and optimizing the data governance and management framework and data privacy controlsWorking knowledge and exposure to applicable regulatory requirements (e.g., PDPO and GDPR) is a mustProject management skills are a plusStrong analytical and problem-solving skills, team-player attitude, well-organized, attention to detail, and ability to work independently under pressureAbility to manage different data stakeholdersExcellent writing (in English), communication and presentation skillsProficiency in MS applications (e.g., Word, PowerPoint, and Excel)Working Experience
At least 5-8 years’ hands-on first-line experience in data privacy-related domains / fields