Job Description
The Position holder will report to theCOE Lead – Customer Privacy andthe role purpose will be:
Mission: Embed company-wide data privacy compliance in order to guarantee safety and security of customers resources.
Review and offer advice on data governance, processing activities and/or data breaches for Safaricom Plc
Monitor compliance with applicable national and international laws and regulations pertaining to data protection and privacy
Provide advice on the implementation of appropriate policies and guidelines to establish and maintain data protection compliance
Contribute towards establishing a strong culture of data protection across stakeholders through carrying out appropriate training and awareness
Job Responsibilities
Identify, evaluate and maintain records of Safaricom Plc's data processing activities, in conjunction with subsidiary management as appropriate
Provide advice and conduct Data Protection Impact Assessments (DPIAs) as required
Monitor data management procedures and ensure privacy compliance within Safaricom Plc and group companies
Share advice and guidelines for implementing privacy by design and privacy by default in all products and systems
Ensure all queries from data subjects seeking to exercise their rights are responded to within required timeframes
Update detailed guidelines via data protection policies as required
Plan and conduct annual training and tailored awareness programmes for stakeholders
Conduct ISO risk assessments on the organization's privacy programme in accordance with the integrated framework
Certification and maintenance of ISO 27701 PIMS programme
Close all gaps identified through internal and external reviews
Qualifications
Legal, business or IT security degree
2 - 5 years of experience in data protection, compliance, security and legal compliance/audit
Privacy certifications such as CIPP/E, CIPM and ISO 27701 an added advantage