Manager – Data Protection

Arab countries Nationality

Preferably within UAE or with specialized expertise in adhering to the CBUAE mandated Consumer Protection and UAE Data Protection Law.

The candidate’s primary role is to implement data protection laws and regulations (such as CBUAE Consumer Data Protection, UAE Privacy Laws, and applicable global data protection requirements) and advise the business on data protection and privacy matters. He/she will be the focal point for all Data Protection and Privacy regulatory activities. Additionally, the role requires proactively conducting compliance assessments and audits to ensure adherence and address potential issues.

1. Implement and ensure the Bank's policies and procedures comply with data protection laws and regulations, advising the business on data protection and privacy matters.
2. Conduct assessments of data protection and privacy risks across the bank, including data protection impact assessments (DPIA) and third-party risk assessments.
3. Collaborate with Contracts, Vendor Management, and Compliance/Business departments to ensure third-party contracts and operating agreements meet privacy requirements.
4. Support communication with regulatory authorities and the public regarding privacy issues, including processing data subjects' requests.
5. Utilize process modeling tools, including flowcharts, sequence, and activity diagrams.
6. Prepare periodic reports for senior management and regulators as required.
7. Assess the current data protection framework, identify compliance gaps, and implement corrective actions.
8. Serve as the primary contact within the organization for data protection issues involving staff, regulators, and public bodies.
9. Maintain an inventory of all personal data stored and processed, including collection, sharing, and usage details.
10. Identify privacy requirements and vulnerabilities specific to the enterprise.
11. Manage the privacy impact assessment process in collaboration with business stakeholders.
12. Develop training plans and provide data protection advice to staff, fostering a culture of data security awareness.
13. Promote a culture of data protection compliance across all bank units.
14. Conduct regular privacy compliance assessments of business units, technology teams, and third-party providers, addressing any concerns.

• Expertise in data protection laws and regulations (e.g., CBUAE Consumer Data Protection, UAE Privacy Laws, global requirements).
• Certifications such as CIPP/E, CIPM, CIPT, CDPO are preferred.
• Strong knowledge of information security and IT systems.

8 to 10 years of relevant experience in data protection or privacy roles.

• Proficiency in both oral and written English and Arabic.