Are you passionate about safeguarding sensitive data and ensuring regulatory compliance? We are seeking a dynamic Data Protection Lead to join our Data, Technology & Cyber Risk function and pioneer the Data Protection program across YTL Digital Bank.
Job Description:
The Data Protection Lead will assist the Chief Information Security Officer to establish and maintain robust governance and oversight over data protection. In this role, you will play a pivotal role in shaping the way we handle, govern, and enhance our data assets, and comply with data protection laws and regulations.
Primary Responsibilities:
- Assist with the development, review, update and/or implementation of data protection-related framework, policy, guideline and/or initiative(s) to facilitate effective risk management and governance over data risk and data protection.
- Review and assess the extent of compliance with internal policies, guidelines, data protection laws and regulatory requirements.
- Conduct Privacy Impact Assessments (PIAs) to ensure that Personally Identifiable Information (PII) is appropriately protected, and recommend mitigation actions to address vulnerabilities, if any.
- Advise Business Units and Functional Units to embed data privacy considerations and/or control measures into the design and implementation of new products, services and processes.
- Provide advisory, guidance and challenge to Business Units and Functional Units in their management of data risks to achieve their business objectives and within the organization’s risk appetite.
- Investigate and report on incidents of data breaches or non-compliance, as required.
- Assist with the development and/or review of incident response procedures to address data breach incidents, including notification to internal stakeholders and relevant authorities, as required.
- Work with Senior Management and stakeholders to ensure that the organization has and maintains appropriate data privacy and confidentiality documentation.
- Work with Senior Management and stakeholders to ensure awareness of best practices relating to data privacy and data security, fostering data risk awareness and security-conscious culture.
- Coordinate with the Cyber Security and Technology teams to ensure alignment between cyber security and data privacy practices.
- Establish relevant Key Risk Indicators (KRIs) and metrics to monitor and measure data risk exposures.
- Prepare and present data risk reports to Senior Management and relevant committees, highlighting key findings, recommendations, trends and/or non-compliance with applicable data protection regulations.
- Respond to enquiries and audits (i.e. internal, external, regulatory and relevant authorities) pertaining to data protection.
- Provide regulatory compliance support, guidance and advice to Business Units and Functional Units regarding regulatory changes and updates, where relevant and required.
- Stay abreast of emerging technology trends, data protection laws, and regulatory developments to proactively address potential risks, and assist the Senior Management (and/or Board) understand potential concerns or risks that might impact the organization.
Qualifications:
- Bachelor’s degree in law, Information Technology, Data Science or a related field.
- Minimum of 12 years’ experience in any of these disciplines: data protection, information security, risk management or compliance in related areas.
- Professional certification such as CDPSE, CISSP, CISA, CISM or CRISC would be advantageous.
- Sound knowledge in regulatory requirements around technology risk (e.g. BNM’s Risk Management in Technology, Guidelines on Data Management and MIS Framework) and data protection laws (e.g. PDPA).
- Knowledge of data management principles and concepts would be desirable.
- Possess strong verbal and written communication skills, and capable of engaging senior stakeholders.
- Clear analytical thought process and good understanding of emerging technological developments and risk management frameworks.
- Ability to work independently and manage multiple projects.
- Detail-oriented with a strong sense of ethics and integrity.
Perks & Benefits
- Allowance (transportation, parking etc.)
- Nearby public transport
- Smart casual dress code
- Annual leave, Birthday leave
工作地点
Level 37, Menara Southpoint, Lingkaran Syed Putra, Mid Valley City, 59200 Kuala Lumpur
点击查看在谷歌地图上的位置