REQUIREMENTSAffirmative Action South African CitizenLLB (Bachelor of Laws) or equivalentAdmitted Attorney in South Africa3+ years of post-admission experienceESSENTIAL SKILLSWorking knowledge of privacy lawCIPP/ E, CIPP/ US or similar (preferred)Experience drafting policies and procedures (preferred)Strong commercial understanding and excellent interpersonal skillsMust be experienced in using SharePoint, and MS Office (Excel/ Word/ Powerpoint, etc.
)Knowledge of cross-over between legal, IT and data security requirements RESPONSIBILITIESCollaborate with the business to navigate evolving privacy standards and support the Chief Data Protection Officer in implementing the Data Protection Compliance Management System in the group which includes South Africa and its African subsidiariesContact point for and coordinate privacy leads in the group's African entities regarding privacy implementationBe a privacy subject matter expert and advise the regional African entities on privacy and data protection matters for the day-to-day business including the development of new products, services and initiativesAttend to data requests by data subjects and third parties in terms of the Promotion of Access to Information Act (PAIA)Prepare and deliver training to the group's African entities about their obligations under the local regulatory requirements, the company policy OD 2 and any other applicable EU data protection laws which may have an impact on the group's operational activities on the African continentSupport contract negotiations and advise on data processing agreements and data privacy impact assessmentsSupport data protection/ privacy office responsibilities for privacy by the design of business strategy as well as the implementation of necessary technical organizational measures (TOMs)Conduct gap analysis and develop solutions with the business to remediate any gapsDraft and advise on data protection-related documentation: privacy notices, policies and procedures and data subject access requestsExercise judgement and ability to manage competing deadlinesCollaborate with Legal Services to identify privacy-related legal issues with potential cross-functional impactEnsure privacy by design processes are embedded into the businessLiaise, partner and act as a contact point for data protection regulatory bodies on matters relating to the processing of personal data and other mattersPartner with the Chief Information Security Officer and the business to investigate and manage potential breaches/ instances of non-compliance to support prompt and accurate reportingKeep abreast of respective (both local and international) regulatory legal developments, trends and guidelines in data and privacy riskAnalyze proposed and (newly) enacted laws, and regulations and guide their impact on the company's existing processes, as it relates to data and privacy riskPartner with Group Data Protection in the group, to enable a constant exchange of ideas, developments and trends in all matters regarding data protection and privacy compliance