AVP - Data Protection - Singapore

• Sub Division: International Risk Management

Join UAE’s largest bank and one of the world’s largest and safest financial institutions. Our focus is to create value for our employees, customers, shareholders and communities to grow through differentiation, agility and innovation.We are looking for top talent and your success is our success. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark a top company, in an exciting & dynamic industry.

JOB PURPOSE:

This role plays a leading role in ensuring FAB SG / Asia complies with its obligations under applicable data protection laws whilst providing high quality support to FAB SG / Asia and to be an integral part of the Risk function.

KEY ACCOUNTABILITIES:

Act as the Data Protection Officer for the FAB Asia and hold the following responsibilities:

1) Data Protection

• Oversee the ongoing compliance with the local data protection regulations and management of the FABData Privacy Framework.
• Periodically review and, where necessary, update the procedures set for Data Privacy Framework in line with the local regulations.
• Coordinate with cross-functional functions in Singapore, in Asia region and with FAB Group, including Legal, Compliance, HR, IT Security, IT, Finance, Business, Operations, Risk etc., to establish privacy risk strategies, as well as identify program intersections, dependencies, and enhancements.
• Periodically conduct and document a Branch-wide assessment of FAB’s potential exposure to privacy risks.
• Provide advisory to Vendor Management and the ongoing assessments and due diligence of FAB’s Data Controllers and Data Processors.
• In conjunction with the Group Legal department, communicate with staff about significant legal and regulatory developments and trends related to data privacy.
• Coordinate with staffs, the ongoing awareness, training, and guidance on FAB Personal Data Protection Policy and privacy laws and regulations.
• Maintain awareness of industry trends, legal and regulatory changes, and current enforcement activities.
• Manage Data Subject Access Requests and other rights requests through to fulfilment.
• Lead and provide SME for Data Protection and PDPA related projects in line with local and group strategic initiatives.
• Supervise, review and advise on data protection impact assessments (DPIA) and privacy impact assessments (PIA).
• Manage in co-ordination with Group Legal and functional Risk lines, the Cross Border Data Transfer Agreements between FAB branch and FAB Group.
• Manage all Information Notices in place for the FAB branch.
• Manage data breaches in line with policies and procedures.
• Provide information and support assessments on Data Protection from the various team conducting such assessment e.g. Compliance Monitoring, Group Information Security and Audit.
• Assist with other assignment as and when required.

2) Corporate Governance SPOC

• SPOC for Singapore and Labuan and supporting the Asia region with regards to Corporate Governance matters.
• Liaising with Group Corporate Governance.

JOB CONTEXT:

• The job context and dimensions of the job holder will vary depending on the number of projects and the amount of work in his/her domain at any given time.
• The incumbent will undertake complex, sensitive and demanding assignments requiring access to confidential business, financial and commercial information.
• The incumbent will make strategic recommendations supported by detailed analysis and assist with resolving strategic and operational problems. Issues are of multi-discipline/diverse focus.
• Relationship & people management: the incumbent will work closely with and facilitate cross-functional teams, as well as providing guidance and assisting staff across the wider FAB branches.
• The incumbent will seek guidance and advice from the FAB group functional line, EXCO, CRO and business heads on major policy, strategic, sensitive or controversial issues.

MAS-Individual Accountability & Conduct:

• Designated as “Material Risk Personnel - MRP” as per MAS-Individual Accountability and Conduct Guidelines.
• Adhering to the Fit and Proper requirements of the bank.
• Confirm and attest to the Job Description and Balance Score Card (if applicable) on a periodic basis.
• Ensure completion of MRP assessment with Senior Manager.
• Adhere to the Bank's Code of Conduct.

• A recognized degree in Business, Banking, Accounting, Finance, Engineering or equivalent.

Minimum Experience Required:

• A legal background with strong compliance, IT security/ InfoSec and audit related to data protection
• An excellent knowledge of data protection legislation with at least 5 years’ experience working in Data Protection/Privacy.
• A relevant Data Protection certification such as CIPP and CIPM or similar.
• Experience in a similar type of role in a multinational business and dealing with Data Protection Supervisory Authorities
• Experience in managing Records Management and understanding of industry best practices.
• Experience in managing data incidents and breaches.
• Knowledge of cybersecurity risks, PCI DSS and other information security standards.
• Ability to make good judgments regarding data privacy risks and to prioritize resources and activity around managing those risks.
• A good working technical knowledge and awareness of current data management and communications technologies
• Able to conduct the role independently and with integrity
• Ability to plan, organize and prioritize tasks and projects
• Good personal communication skills capable of dealing with wide range of stakeholders, including senior management
• Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels
• Strong team player
• Enthusiastic and positive
• The ability to remain calm, controlled and resilient
• Advanced in English (mandatory) and 1 other Asian language (preferred)