Data Privacy Counsel

Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.

The Data Privacy Office at Grab is important for safeguarding personal data across the entire Grab ecosystem. DPO is instrumental in ensuring adherence to data protection regulations and creating privacy frameworks. The DPO operates as a strategic partner, working with Legal, Compliance, Engineering, Product, and Business teams to embed privacy protections and maintain a culture of Privacy by Design. We aim to translate complex privacy requirements into practical, business-forward solutions.

You will join the ID Data Privacy Office team, based in the Jakarta Office. You will report directly to the Data Privacy Manager.

• Conduct and provide data privacy risk assessments for new products, features, and operational changes across all Grab departments. These assessments involve preparing the necessary documents and logs. These assessment involve preparing Records of Processing Activities (ROPA), Data Protection Impact Assessment (DPIA), Transfer Impact Assessment (TIA), or Legitimate Interest Assessment (LIA).
• Advise Product, Engineering, and Departments on privacy, security, and data governance, ensuring a Privacy by Design approach.
• Collaborate with teams to guide on privacy regulations, anticipate legal risks, and recommend mitigation strategies.
• Develop practices and controls to grow Grab's data privacy and compliance programs.
• Review, draft, and negotiate agreements for international data transfer and processing.
• Operate and enhance Grab Indonesia's data privacy program, including compliance monitoring and breach handling.
• Ensure compliance with data privacy and security laws and regulations in Indonesia.

• 4+ years of experience in a data privacy or legal role, with a focus on data privacy and protection.
• A degree in law or a Bachelor of Laws (S.H or LL.B.).
• In-depth knowledge of global data privacy regulations, including Indonesia Persona Data Protection Law, General Data Protection Regulation (GDPR), and others.
• Experience with data privacy principles, including data minimization, purpose limitation, and transparency.
• Demonstrated experience providing advices on, rolling out or running a scalable data privacy program in an organization.
• You have professional proficiency in English (both written and verbal).
• Can collaborate with diverse, non-legal departments (Tech, Product, Marketing).
• A Master's degree focusing on Privacy or Technology laws, or professional privacy certifications (such as CIPP/E, CIPP/A, or CIPM) are preferred.

We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex, create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.