Specialist CPR

Job Brief:

The Specialist CPR shall report to Lead CPR and will be responsible for all compliance aspects related to Data Privacy. This will include:

• Assist Lead CPR with the responsibilities under Consumer Protection Regulation and Standards and applicable provisions of GDPR.
• Implement in coordination with Business, Data Management and Protection responsibilities for Central Bank UAE regulations and in particular Consumer Protection Regulation.
• Co-ordinating All First Line of Defense (FLOD) response to Data Privacy Requirements.
• Assisting Lead CPR and Business units for Policy and Procedure Updates.
• Implementing Training for Business Units in applicable regulatory requirements, developments and integration into Bank Policy and procedural design.
• Consulting for various Business Units in the course of their First of Line Defense responsibilities and coordinating with Second Line of Defense for reviews/reporting.

Key Accountabilities:

• Ensuring Compliance with the law in relation to Data Privacy.
• Enabling Business Units to Implement and execute agreed action for compliance with Data Privacy.
• Consent Management – procedural and system implementation.
• Meeting the requirements of Data Privacy Policy, particularly Privacy by Design in all new initiatives.
• Enabling Business Units to complete Data Privacy Risk/Impact Assessments.
• Meeting project deliverables and providing compliance assurance with standards such as GDPR, PDPO(HK), PDPA(SG), CSF(KWT) and Consumer Protection Regulations (UAE).
• Assist all International Jurisdictions and coordinate their efforts for Compliance.
• Maintaining liaison with Data Protection Authority, Group Legal, Compliance departments and Second Line of Defense.

Frameworks, Boundaries, & Decision Making Authority:

• Functions within the framework and boundaries of Data Privacy laws, Group policies as well as overall organizational and governance frameworks.
• Authorized to take decisions as per the approved authorization matrix.

Qualifications & Experience:

Essential

• Master’s degree preferred in relevant fields such as Law, Technology or Management.
• Experience of working in Data Privacy for at least 2 years.
• Overall experience of at least 2 years in data governance, information security or related law fields or Technology or Operations in a sufficiently senior capacity.
• CIPP/E Certification.

Desirable

• Previous experience in preferably in banking and financial industry of various banking technology or operations of at least 3 years.
• Qualifications in Information Security such as CISA or Data Privacy such as CIPM or Law related qualifications.
• Knowledge in using privacy tools.

Other requirements:

• Strong knowledge of MS Office.
• Excellent written, verbal and oral communication skills.
• Ability to coordinate with Stakeholders, conduct workshops on Data Privacy, multi-task and meet competing deadlines.
• Ability to analyze events, identifying root causes and prepare recommendations for optimum resolutions according to approved policy and practice.
• Excellent interpersonal and organizational skills, effective time management, and the ability to shift priorities working within established timelines.
• Demonstrates initiative (learn processes and procedures, various benefits) and displays self-motivation to grasp new concepts quickly.
• Ability to pay attention to detail as well as implementing to Data Privacy Strategy.