| Job Location | Abu Dhabi |
| Education | Not Mentioned |
| Salary | Not Mentioned |
| Industry | Not Mentioned |
| Functional Area | Not Mentioned |
Employment: Full Time Design and DevelopUnderstand the organization and environment and then Designs and Develops the overall Data Privacy and Protection Regulatory Framework.Establishes, advises, and coordinates Clients Data Privacy & Protection compliance framework.Designs, implements, and maintains an adequate integrated incident response and data breach notification procedure as required in line with Clients policies, standards, and procedures.Develops, coordinates and provides guidance, assessments, training, and monitoring of the compliance and Data Privacy/Protection control environments within the business units.Develops and implements Data Classification Standards in line with internal policies and global frameworks by working with and managing senior stakeholders.Work with the business, including product and technology teams, to design innovative privacy solutions as part of pragmatic advice and conducting Privacy Impact Assessments.Develop and lead training and awareness sessions with the business to promote a culture of privacy and advise business and sector leads to understand how privacy requirements affect their area.Develops and implements the integrated Trusted Authenticated Identities and Privacy framework by working with other stakeholders.Identifies roles for citizens, processes, and technologies required for trusted identification, authentication, and authorization within the Trusted Identity Ecosystem.Develops a Trust Framework that defines the rights and responsibilities of Clients staff in the Identity Ecosystem.Implement, Operate and ManageSupports the Compliance, Legal, Data Governance, Physical Security and Cyber Security Teams, respectively, in strengthening Clients compliance and data privacy and protection efforts.Monitors and communicates relevant developments globally and more specifically in the region relating to Data Privacy and Protection.Leads the design, creation, coordination, and implementation of policies, procedures, and training addressing Data Privacy and Data Protection issues in Clients while serving on and supported by the Cyber Security team.Provides guidance and negotiates data provisions contained in advertising, marketing, and commercial agreements, including data rights agreements, data protection agreements, and data provisions.Assists compliance and legal team members on advising senior leadership on data policy issues and in connection with compliance matters for data and privacy laws and regulations, including GDPR, the California Consumer Privacy Act, and other data protection, data retention, data security, and data breach regulations.Develops and performs project-based, privacy-related impact assessments and audits cross-functionally on an adhoc basis and periodically to ensure high compliance to global Data Privacy and Protection requirements within Client.Review and analyze new products and services, including online and mobile applications, for compliance with applicable privacy laws.Create dashboard views to critical Data Privacy and Protection risk metrics to drive alerts, progress and continuous improvement.Works with internal Departments and stakeholders to ensure that Clients internal staff, its Customers and third parties are all covered within the Data Privacy and Protection standards.Works with other entities to understand their solutions and key projects to evaluate and monitor data privacy and protection compliance, paying attention to details, while understanding the big pictureManages other duties as assigned related to Data Privacy and Protection by Identifying and executing against key milestones in a fast-paced, team-oriented environment.Collaborate with relevant business stakeholders on continuous improvement initiatives designed to improve the performance and maturity of Clients privacy programFoster partnerships with the business as a Data Privacy and Protection trusted advisor and subject matter expertMaintain knowledge of applicable privacy laws, regulations, standards, and advancements in technologiesManage and take ownership of privacy incidents to completion.Support and conduct Issue Response Management and complaint handling for privacy issues, deviations and non-compliance within area of responsibility.Acts as point of contact with data subjects, supervisory authorities and internal teamsIdentifies and evaluates Clients data processing activitiesProvides advice and conducts Data Protection Impact Assessments (DPIAs) and Data InventorizationMonitors data management procedures and compliance within ClientsParticipates in meetings with managers to ensure privacy by design at all levelsMaintains records of processing operationsEnsures Clients addresses all queries from data subjects within legal timeframes (e.g. delete their information from databases)Liaises with other organizations that process data on Clients behalfWrites and updates detailed guides on data protection policiesPerforms privacy audits and determines whether we need to alter Clients procedures to comply with regulationsOffers consultation on how to deal with privacy breachesFollow up with changes in law and issue recommendations to ensure complianceProvide oversights and SME input to the design, build and implementation of technology tools that support the Information Classification and Protection strategy, objectives and operational requirements.Develops Data Classification Standards for ClientsDevelop DLP incident management and escalation workflowsDevelop employee communication strategies and security awareness trainingConduct Data Classification DLP tool training with staff and othersDevelop DLP policyDocument DLP processes and proceduresStrategize incident retentionDevelop methods for risk reduction (reports and dashboards)Monitor and tune program processOwns and manages Data Classification and DLP tool configuration, ensuring appropriate governance and change control arrangements are operating across the business.Knowledge and experience of establishing and running monthly information protection technology boards, acts at chairperson. REQUIREMENTS: A minimum of a Bachelors degree and a strong interest in IT applications and operations.Minimum of 10-15 years professional experience in IT and at least 5 years of consulting experience in a big 4 or equivalent consulting firm.Certification as a Certified Information Systems Security Professional (CISSP) and/or Systems Security Certified Practitioner (SSCP) is desirable.Minimum of 10 years of experience in a combination of risk management, information security, security operations, and Product Engineering roles.At least 4 years in a senior leadership role in security.Relevant experience managing security for companies that leverage cloud technologies such as Amazon Web Services (AWS), Google Cloud Platform (GCP), or Azure and / or offer platform as a service (PaaS) with security commitments to customers and partners.Relevant experience working in the healthcare/life sciences industry with a deep understanding of regulatory frameworks such as ISO, GDPR, FDA, CE, HIPAA, HITRUST, etc. is highly desired.Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.Must be able to effectively liaise with internal direct reports and senior management as well as external customers, clients, partners and stakeholders.Must be a critical thinker, with strong problem-solving skills.Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.The incumbent must have an in-depth understanding of IT agile software development frameworks, strong knowledge of IT best practices and protocols, operational risk management, and in-depth knowledge and expertise of the Clients operations, including IT practices. Specific expertise should include:IT Management practices and protocols, including in-depth knowledge of international IT standards.Solid knowledge of IT application design, development, support and Operations Audit methodologyA practical and proactive problem-solver who possesses strong business acumen and is confident, mature, and calm.Excellent time management skills with the ability to prioritize and multitask and work under shifting deadlines in a fast-paced environment.Ability to work independently and in a team environment with both the local and global Compliance and Legal teams and the information security teams.Excellent written and verbal communication skills.Bachelors or Masters degree in IT, computer science, Software engineering, Data PrivacyExperience with Internet of Things, Cloud data services (Azure, Google IoT)Industry certification in one or more of the following: C++, Java, SQL, Python, MCSE, CCNP, CCSA, CISA, CA, CCSP, ISC, ITIL, etc.
Keyskills :
Parisima specialises in building high performing workforces that improve business performance. Our experience has demonstrated that the most effective organisations view their employees as their most important asset and view Talent Management as a holistic end-to-end complementary process.
Whether its a partial or fully outsourced recruitment solution or a focus on a particular area of your talent acquisition cycle, our solutions are tailored to address your specific challenges. We are experts in optimising talent acquisition and resourcing functions to build high performing organisations with high performing individuals.
Through key strategic partnerships, Parisima is the only organisation in the Middle East that specialises in addressing the full employee lifecycle. This includes Hiring (talent acquisition, applicant-tracking systems, assessments for recruitment and development) and Retention (employee engagement surveys, employee recognition and reward programs and executive leadership programs).
© 2023 HireeJobsGulf All Rights Reserved
