Superstaff is seeking a Data Protection Officer (DPO) with expertise in pertinent privacy or data protection policies and practices. The ideal candidate should possess a comprehensive understanding of the processing operations conducted by the Personal Information Controller (PIC) or Personal Information Processor (PIP), including their information systems, data security, and data protection requirements. Familiarity with the sector or field of the PIC or PIP, as well as their internal structure, policies, and procedures, would be advantageous for the DPO role.
Responsibilities of the DPO include:
- Monitor the PIC’s or PIP’s compliance with the DPA, its IRR, NPC issuances, and other applicable laws and policies. This involves:
- Collecting information to identify processing operations, activities, measures, projects, programs, or systems of the PIC or PIP and maintaining records.
- Analyzing and ensuring compliance of processing activities, including security clearances issued to and compliance by third-party service providers.
- Informing, advising, and issuing recommendations to the PIC or PIP.
- Ensuring renewal of accreditations or certifications necessary to maintain required standards in personal data processing.
- Advising the PIP or PIP on the necessity of executing a Data Sharing Agreement with third parties and ensuring compliance with the law.
- Conduct Privacy Impact Assessments for activities, measures, projects, programs, or systems of the PIC or PIP.
- Advise the PIC or PIP regarding complaints and/or the exercise by data subjects of their rights (e.g., requests for information, clarifications, rectification, or deletion of personal data).
- Ensure proper data breach and security incident management by the PIC or PIP, including preparing and submitting reports and documentation to the NPC within the prescribed period.
- Inform and cultivate awareness on privacy and data protection within the organization, including relevant laws, rules, regulations, and NPC issuances.
- Advocate for the development, review, and/or revision of policies, guidelines, projects, and/or programs of the PIC or PIP relating to privacy and data protection, adopting a privacy by design approach.
- Serve as the contact person of the PIC or PIP regarding data subjects, the NPC, and other authorities in matters concerning data privacy or security issues or concerns.
- Cooperate, coordinate, and seek advice from the NPC regarding data privacy and security matters.
- Perform other duties and tasks assigned by the PIC or PIP to further data privacy and security interests and uphold data subjects' rights.
Except for items (a) to (c), a COP shall perform all other functions of a DPO. Where appropriate, they shall also assist the supervising DPO in their functions.
Additionally, the DPO must prioritize activities and focus efforts on issues presenting higher data protection risks, considering the nature, scope, context, and purposes of processing.
- Bachelor's degree in a relevant field such as law, IT, or cybersecurity
Minimum of 1-3 years of experience in privacy, data protection, or compliance roles - Strong understanding of data protection laws and regulations.
- Excellent communication and collaboration skills.
- Analytical mindset with problem-solving abilities.
- Commitment to upholding ethical standards and privacy principles.