Data Protection Manager tabby

Develop, implement, and continuously enhance the organization s data protection framework at a group level, including policies and procedures, and ensuring alignment with PDPL, GDPR, and other relevant global regulations.

• Lead the data privacy governance program, ensuring cross-functional alignment with legal, IT security, compliance, risk management, and business units.
• Drive data protection by design and by default, embedding privacy considerations into business processes, products, and services.
• Oversee the data governance framework, ensuring robust policies for data classification, retention, minimization, deletion, and archiving in accordance with legal and business requirements.
• Establish privacy and data ethics standards to govern the responsible use of personal data.
• Ensure organization-wide compliance with PDPL, addressing new regulatory developments and industry best practices.
• Develop and maintain compliance monitoring mechanisms, conducting regular audits, risk assessments, and gap analyses to identify and mitigate privacy risks.
• Monitor and enforce compliance with data localization requirements, ensuring personal data is processed and stored according to PDPL mandates.
• Develop strategies for ensuring compliance with cross-border data transfers, working closely with legal teams to establish appropriate safeguards.
• Oversee the data subject rights management process, ensuring timely and compliant handling.
• Manage privacy complaints and inquiries, ensuring appropriate investigation, resolution, and reporting.
• Lead the data breach response program, developing robust incident response plans, forensic investigations, and remediation strategies.
• Ensure timely notification to SDAIA and affected individuals in case of a data breach, complying with legal and regulatory requirements.
• Serve as the primary point of contact with SDAIA and other regulatory authorities, managing audits, inquiries, and compliance reporting.
• Build and maintain strong relationships with internal and external stakeholders, including regulators, auditors, legal advisors, and industry bodies.
• Keep abreast of legislative changes and enforcement actions, providing strategic guidance to senior management on regulatory developments.
• Participate in industry working groups and professional forums, influencing the evolution of data protection policies and best practices.
• Design and implement organization-wide privacy training and awareness programs, ensuring employees understand their roles and responsibilities in data protection.
• Develop tailored training for key departments (e.g., IT, HR, Marketing, Legal) to address specific privacy risks and compliance obligations.
• Foster a culture of accountability by promoting privacy awareness at all levels of the organization, from executives to operational teams.
• Conduct privacy maturity assessments, measuring the effectiveness of training programs and privacy initiatives.