Data Protection/Privacy Consultant

Years of experience : 6 to 12 Years.

Key Accountabilities :

- Evaluate the current state of the Personal Data Protection environment.

- Create Data Management and Personal Data Protection Strategy and Plan, the Entity shall create a Personal Data Support in delivery of enterprise-wide Data Protection& Privacy program and provide guidance on global standards and best practices.

- Create a Data Classification Plan to manage and orchestrate banks Data Classification activities.

- Develop prioritization list based on the classification level of datasets and artifacts for the organization.

- Identify and inventory all datasets and artifacts owned by the Bank as part of the Data Classification Implementation process.

- Oversee that policies, processes, guidelines and standards related to Data Protection & Privacy (Such as : Consent Management, Data Subject Rights Management, Data Localization, Personal Data Access, Sharing and Transfer, Personal Data Breach Handling, etc.) are communicated and enforced throughout the organization.

- Develop material and conduct the Personal Data Protection training for every employee to promote a Personal Data Protection-centric culture in accordance with the Entity-specific and national privacy regulations.

- Liaise and respond to the Data Protection Authority of KSA for regulatory queries and audits.

- Develop and document breach management procedures to directly manage and address the privacy violations and to set the functions and responsibilities for the affected work team, covering.

- Process for conducting incident review by the Data Controller with the Regulatory Authority.

- Development of response mechanism based on incident reported by the Data Controller and / or Data Processor.

Detailed Tasks :

- Implementing processes to perform permanent corrective actions when issued by the Regulatory Authority.

- Developing testing of the implemented corrective actions to validate personal data protection solution(s).

- Drive privacy operations such as impact assessments, data mapping through the implemented privacy technology solution across business departments.

- Work with website development team to review the third-party cookies and provide guidance on managing on marketing/ preference consent stored within business departments ,as per the applicable regulatory law.

- Support in identifying third party privacy risks by conducting vendor privacy risk assessments through technology and co-ordinate with business departments to highlight the risks and providing risk mitigation recommendations.

- Ensure all the customer facing channels of the organization comply with applicable regulatory requirements by conducting a thorough assessment.

- Support in personal data discovery through automation and reviewthe PII inventory for the organization.

- Ensure and verify sensitive personal data elements are identified during data discovery exercise through technology implementation.

- Support in establishing record of processing activities through the technology implementation.

Techno Functional Capability :

- Analyze existing data governance tools, processes, and workflows to identify opportunities for automation.

- Design and implement automated workflows to simplify and accelerate core data governance activities such as data classification, data lineage, metadata management, policy enforcement, and reporting.

- Integrate data governance tools with other enterprise applications (e.g. data catalogs, data quality tools, business intelligence platforms, Qlick Serve, Remedy, JIRA, Control-M and Data Privacy tools suchas Securiti.ai or OneTrust) to enable endto-end automation.

- Develop custom scripts, macros, and other automation artifacts to enhance the functionality of data governance tools.

- Configure and maintain scheduling, monitoring, and alerting for automated data governance workflows.

- Continuously optimize and improve the efficiency and reliability of data governance automation.

- Collaborate with data governance and IT stakeholders to ensure alignment with.

- enterprise architecture and security/compliance requirements.

QUALIFICATIONS, EXPERIENCE, & SKILLS :

Minimum Qualifications :

- Bachelors degree in computer science, cyber-security or relate areas.

Minimum Experience :

- 6+ years of progressive experience in Data Governance and Data Privacy in a banking environment.

Required Skills

Mandatory

- Experience in the field of Data privacy, Data Protection and Data classification domains.

- Experience in working in support group responsible to monitoring compliance and managing regulatory compliance.

- Understanding of privacy protection Risks, data privacy related processes and policies.

- Experience in supporting the organisation during external regulatory audits of data privacy.

- Advanced knowledge in Personal Data Protection regulations, such as :

- Data Classification, Risk Assessment,

- Risk Register and Data Confidentiality.

- Data Integrity and Data Availability.

- KSA PDPL (Personal DataProtection law).

- GDPR.

- Other GCC privacy laws.