Lead Data Protection

Are you passionate about safeguarding sensitive data and ensuring regulatory compliance? We are seeking a dynamic Data Protection Lead to join our Data, Technology & Cyber Risk function and pioneer the Data Protection program across YTL Digital Bank.

Job Description:

The Data Protection Lead will assist the Chief Information Security Officer to establish and maintain robust governance and oversight over data protection. In this role, you will play a pivotal role in shaping the way we handle, govern, and enhance our data assets, and comply with data protection laws and regulations.

Primary Responsibilities:

• Assist with the development, review, update and/or implementation of data protection-related framework, policy, guideline and/or initiative(s) to facilitate effective risk management and governance over data risk and data protection.
• Review and assess the extent of compliance with internal policies, guidelines, data protection laws and regulatory requirements.
• Conduct Privacy Impact Assessments (PIAs) to ensure that Personally Identifiable Information (PII) is appropriately protected, and recommend mitigation actions to address vulnerabilities, if any.
• Advise Business Units and Functional Units to embed data privacy considerations and/or control measures into the design and implementation of new products, services and processes.
• Provide advisory, guidance and challenge to Business Units and Functional Units in their management of data risks to achieve their business objectives and within the organization’s risk appetite.
• Investigate and report on incidents of data breaches or non-compliance, as required.
• Assist with the development and/or review of incident response procedures to address data breach incidents, including notification to internal stakeholders and relevant authorities, as required.
• Work with Senior Management and stakeholders to ensure that the organization has and maintains appropriate data privacy and confidentiality documentation.
• Work with Senior Management and stakeholders to ensure awareness of best practices relating to data privacy and data security, fostering data risk awareness and security-conscious culture.
• Coordinate with the Cyber Security and Technology teams to ensure alignment between cyber security and data privacy practices.
• Establish relevant Key Risk Indicators (KRIs) and metrics to monitor and measure data risk exposures.
• Prepare and present data risk reports to Senior Management and relevant committees, highlighting key findings, recommendations, trends and/or non-compliance with applicable data protection regulations.
• Respond to enquiries and audits (i.e. internal, external, regulatory and relevant authorities) pertaining to data protection.
• Provide regulatory compliance support, guidance and advice to Business Units and Functional Units regarding regulatory changes and updates, where relevant and required.
• Stay abreast of emerging technology trends, data protection laws, and regulatory developments to proactively address potential risks, and assist the Senior Management (and/or Board) understand potential concerns or risks that might impact the organization.

Qualifications:

• Bachelor’s degree in law, Information Technology, Data Science or a related field.
• Minimum of 12 years’ experience in any of these disciplines: data protection, information security, risk management or compliance in related areas.
• Professional certification such as CDPSE, CISSP, CISA, CISM or CRISC would be advantageous.
• Sound knowledge in regulatory requirements around technology risk (e.g. BNM’s Risk Management in Technology, Guidelines on Data Management and MIS Framework) and data protection laws (e.g. PDPA).
• Knowledge of data management principles and concepts would be desirable.
• Possess strong verbal and written communication skills, and capable of engaging senior stakeholders.
• Clear analytical thought process and good understanding of emerging technological developments and risk management frameworks.
• Ability to work independently and manage multiple projects.
• Detail-oriented with a strong sense of ethics and integrity.

Perks & Benefits

• Allowance (transportation, parking etc.)
• Nearby public transport
• Smart casual dress code
• Annual leave, Birthday leave