Personal Data Protection Analyst

Abdul Latif Jameel comprises diversified businesses with deep roots in the Middle East, North Africa, and Turkey (MENAT region). Strong networks and long-established relationships make us a powerful partner, opening doors for those who want to do business in the region.

Our businesses represent some of the world’s leading brands, earning us their trust and building long-lasting and mutually beneficial relationships. Our commitment to anticipate and support our partners’ needs has driven our success.

From our modest beginnings 75 years ago as a small trading business and then a Toyota distributorship in Jeddah, Saudi Arabia, we have established an extensive operations infrastructure, built the largest vehicle distribution network in Saudi Arabia, and, along the way, we have accumulated comprehensive automotive expertise throughout the region.

Applying our vast experience in the automotive sector, we’ve used our expertise and operations infrastructure to diversify into new sectors that contribute to the ‘infrastructure of life’ in the MENAT region.

Financial Job Dimensions

Degree of supervision

Close Supervision over Data privacy activities

Level of Authority

Shared Authority over Data privacy review process

Purpose of the Job

The primary purpose of the Personal Data Protection Analyst is to ensure the organization's compliance with data protection regulations and to safeguard the privacy and integrity of personal data. This role involves developing, implementing, and maintaining data protection policies and procedures, conducting regular assessments and audits, and responding to data breaches and privacy-related incidents. The Personal Data Protection Analyst plays a crucial role in mitigating risks associated with data handling and enhancing the organization's data protection culture.

The job holder plays a pivotal role in safeguarding personal data within an organization by ensuring compliance with legal standards, educating staff, managing incidents, and continuously improving data protection practices.

Key Accountabilities: Description

• Develop and implement data privacy policies and procedures to ensure compliance with all applicable laws and regulations.
• Develop and deliver data privacy awareness programs to ensure all employees are aware of their data privacy responsibilities.
• Monitor and report on privacy incidents, including data breaches, to senior management and regulatory authorities, as necessary.
• Build and maintain strong relationships with key stakeholders across the company - including middle management, business units, and IT.

Key Accountabilities: Performance Indicators

• Adherence to data privacy policies
• Number of training sessions, announcements, and internal communications
• Periodic reporting and dashboards
• Stakeholder’s perception of the Lead’s effectiveness as a communicator and collaborator, Business value delivered through insights implementation

Major Activities

• Develop and implement data privacy policies and procedures to ensure compliance with all applicable laws and regulations.
• Conduct risk assessments to identify potential privacy risks and develop risk mitigation strategies.
• Monitor and report on privacy incidents, including data breaches, to senior management and regulatory authorities as necessary.
• Participate in the development of data privacy impact assessments and review third-party vendors for data privacy compliance.
• Assist in the development and maintenance of data privacy documentation and records.
• Communicate with internal stakeholders, including IT, legal, and compliance teams, to ensure everyone is aware of privacy policies and procedures and their responsibilities under those policies.
• Coordinate with external legal and compliance experts to ensure the organization is complying with all relevant laws and regulations.
• Develop and deliver data privacy training programs to ensure all employees are aware of their data privacy responsibilities.
• Stay up to date on all relevant data privacy laws and regulations and ensure the organization is fully compliant.
• Monitor onboarding of new processes, vendors, or applications in scope of Personal Data Privacy Law (PDPL).
• Coordinate with Personal Data Privacy (PDP) champions of Business and IT to mitigate PDP risks.

Job Context

• The job has a direct impact on ensuring the following:

Ensuring data protection policies and data privacy regulations are met.

Collaborating with cross-functional teams to develop monitoring mechanisms for data privacy breaches.

• The job holder has a direct impact on managing:

Implementing Data protection policies as part of data integration across different systems and platforms.

• The job ensures the following regulations are met and communicates any updates to management and associates:

Staying up to date with relevant data privacy regulations such as Personal Data Privacy Law PDPL or any industry-specific compliance requirements.

Working with Data Protection Officer to communicate any updates or changes in regulations to business and IT stakeholders.

Collaborating with IT, legal, and compliance teams to ensure data protection is aligned with regulatory requirements.

Framework, Boundaries & Decision Making Authority

The job holder should adhere to:

• Saudi Authority for Data and Artificial Intelligence (SDAIA) Rules and regulations
• National Data Management Office (NDMO) Rules and regulations
• KSA Data Management and Personal Data Protection Framework

The job holder has authority and freedom to:

• Conduct Data Privacy Assessments and Analyses
• Conduct assessments for data flow between different systems
• Check Data Privacy Compliance Monitoring

Report Data Privacy Incidents

Organizational / Functional Strategic Focus

• The job holder is responsible for analyzing data according to the organization's data protection frameworks, policies, and standards to ensure adherence throughout the organization.
• The job collaborates with legal and compliance teams to comply with data protection policies, implement security measures, and mitigate data risks, protecting the organization and its stakeholders from data breaches or unauthorized access.

The job collaborates with IT teams and business units to optimize systems and processes. This includes evaluating and implementing system changes and ensuring seamless integration with other enterprise systems.

Minimum Qualifications

Bachelor’s degree in MIS, Information Technology, Business Administration, or other degrees in a similar field.

Data management-related certifications

Minimum Experience

Minimum of 3 years of experience in data privacy or a related field.

Experience with data privacy impact assessments and vendor reviews.

Job-Specific Skills

Fundamentals of Personal Data Privacy Law PDPL

Excellent communication and interpersonal skills – able to liaise with staff at all levels

Strong analytical and problem-solving skills

Excellent writing skills, with the ability to create clear requirements, specifications, and documentation

Strong ability to communicate embed information, business process, and system-wide changes to a technical and non-technical audience

Ability to work on own initiative within agreed boundaries

Ability to work under pressure and manage conflicting priorities

Ability to work with technical and non-technical staff

Flexible and adaptable

Languages

English

Arabic is highly preferred

Special Certifications / Membership

Certifications related to data governance; data management is good to have.

Certified Information Privacy Manager (CIPM) is good to have.

ISO 27701 Lead Implementer (PIMS) is good to have.

Securiti.Ai Training is good to have

Why Work for Us?

With a truly international footprint and more than three quarters of a century of commercial success behind us, we are today, not only a leading employer across the Middle East, North Africa and Turkey (MENAT) region, but also offer exciting opportunities worldwide, from Chile to Japan, from the UK to Australia.

Our values guide the way we work with our business partners, within our communities, and with each other.

Through Respect, Innovation, a Pioneering Spirit, and Empowerment, we are proud of our culture which sees ideas blossom, people thrive and successes flourish.

Actual Working Hours - (48) hours per week,

The publication deadline is April 29, 2025.