Posted 2 weeks ago Information Technology
Johannesburg Full Time EE/AA, Non EE/AA Market Related Salary
Our client within the IT industry is actively seeking a Privacy Manager to maintain there GRC program and ensure the company is compliant with the applicable Data Privacy Regulations.
They will be responsible for risk management and data security for an organization that would include such security privacy frameworks like General Data Protection Regulation (GDPR), SOC2, NIST, and the various United States Acts. The Privacy Manager will report to the Director of Information Security.
To be successful in this role, you should have in-depth knowledge of Governance, Risk and Compliance, GDPR and local data protection laws and be familiar with the information security and privacy industries. You should also know how to perform audits and align them to our current procedures. Ultimately, you will facilitate GDPR compliance through transparent data protection policies, systems and procedures.
DescriptionIdentify, assess, and prioritize risks to the organization.Develop and implement risk mitigation strategies.Monitor and report on risk exposure to senior management.Develop and implement policies and procedures to ensure compliance with relevant laws, regulations, and industry standards.Communicate policies to employees and ensure understanding and adherence.Assist in external audits and client due diligence requestsStay informed about relevant laws and regulations affecting the organization.Ensure that the organization complies with applicable legal and regulatory requirements.Conduct internal audits to assess compliance.Provide training to employees on compliance, risk management, and governance matters. Serve as the Data Protection Officer (DPO) if necessary, ensuring compliance with data protection laws.Oversee the organization's data protection and privacy policies and practices.Identify and evaluate the company's data processing activitiesProvide advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs)Participate in meetings with managers to ensure privacy by design at all levelsEnsure we address all queries from data subjects within legal timeframes (e.g. delete their information from our databases)Write and update detailed guides on data protection policiesOffer consultation on how to deal with privacy breachesArrange for training on GRC and privacy related matters for employeesFollow up with changes in law and issue recommendations to ensure compliancePrepare and present regular reports to senior management and relevant stakeholders on GRC activities, risks, and compliance status.Work closely with various departments, including legal, IT, finance, and operations, to ensure a holistic approach to GRC.Continuously assess and improve GRC processes and programs.
Stay updated on industry best practices and evolving regulatory requirementsExperience, Qualifications and Skills8-10 years work experienceExperience in Governance, Risk and ComplianceEducated in relevant fieldExperience in data protection and legal complianceWork experience in data protection and legal compliance is a plusSolid knowledge of GDPR and national data protection lawsKnowledge of data processing operations in the company's sector is preferrableFamiliarity with computer security systemsAbility to handle confidential informationEthical, with the ability to remain impartial and report all non complianceOrganizational skills with attention to detail#J-18808-Ljbffr
