Data Privacy Manager

Job Purpose:

Your role is crucial in overseeing and managing all aspects of data privacy within EBC Operations. You will lead the foundation, development and implementation of comprehensive data protection strategies, ensuring compliance with local regulations such as mandated by the Central Bank of Egypt (CBE) and international standards like ISO 27701. Your expertise will be instrumental in promoting the culture of privacy awareness and accountability across the organization, your primary responsibility is to ensure compliance with data protection laws and regulations within the organization. You will oversee the development and implementation of policies and procedures to safeguard individuals’/data subjects’ privacy rights and mitigate data protection risks. The Data Privacy Manager serves as the main point of regarding data privacy matters.

Responsibilities:

• Roadmap Development: Lead the development and implementation of comprehensive data protection strategies and frameworks in alignment with local regulations and international standards.                                                                                                                   
• Compliance Oversight: Oversee the organization's compliance with data protection laws, conduct audits, and perform risk assessments, ensuring adherence to CBE regulations where applicable.                                                                                                                  
• Training and Awareness: Develop and deliver awareness programs to educate employees on data protection requirements and best practices, promoting a culture of privacy awareness.                                                                                                                       
• Incident Management: Establish procedures for responding to data breaches, including notification requirements and mitigation strategies, and oversee their implementation in cooperation with Information Security.                                                                                                           
• Advisory Role: Provide expert advice and guidance on data protection matters and the implications of new projects or initiatives.                                                                                                                     
• Stakeholder Engagement: Collaborate with internal departments, such as Compliance, Information Security, IT, legal, and HR, to ensure alignment on data protection initiatives and facilitate cross-functional cooperation.                                                                                                           
• Reporting and Documentation: Prepare reports on data protection activities, compliance status, and emerging risks for management and relevant committees. Maintain records of data processing activities and ensure documentation of compliance efforts.                                                                                                                 
• Data Privacy Representation: Serve as the primary point of contact for Data Privacy Office.                                                                                                                       
• Conduct data privacy impact assessments (DPIAs) for business processes, projects or systems, following both local regulations and international standards such as ISO 27701.                                                                                                           
• Review and negotiate data processing agreements with third-party vendors, ensuring compliance with relevant regulations and standards.                                                                                                                
• Assess and approve data transfers to third countries or international organizations, ensuring adherence to local laws and international frameworks in cooperation with other teams.                                                                                                          
• Stay updated on developments in Egyptian data protection laws and regulations, as well as international standards, and provide guidance to the organization accordingly.                                                                                                            
• Maintain records of data processing activities and ensure appropriate documentation of compliance efforts, including compliance with CBE regulations where applicable.                                                                                  

Requirements

Skills:

• Legal Compliance: Thorough understanding of Egyptian data protection laws, including the Data Protection Law and any relevant regulatory guidelines such as those issued by the Central Bank of Egypt (CBE). Familiarity with international standards such as ISO 27701 for privacy information management systems and international laws as General Data Protection Regulation (EU GDPR).
• Communication: Excellent verbal and written communication skills to effectively communicate with stakeholders and regulatory bodies (if needed).
• Analytical Thinking: Ability to analyze complex data privacy issues and devise practical solutions.
• Attention to Detail: Keen attention to detail to identify potential privacy risks and vulnerabilities within the organization.
• Project Management: Proficiency in managing projects, prioritizing tasks, and meeting deadlines related to Data Privacy Implementation.
• Problem-Solving: Capability to identify and address data protection challenges efficiently.
• Technical Knowledge: Familiarity with IT systems, data security measures, and privacy-enhancing technologies.
• Ethical Awareness: Strong commitment to upholding ethical standards and protecting individuals' privacy rights.

Working Experience:

• Data protection and privacy compliance
• Legal or regulatory compliance in Egypt, including familiarity with CBE regulations.
• Information Security or IT Governance
• Risk management.

Certificates Related:

Holding any related certificate will be a plus as: CIPP, CIPM, CDPSE, CDPO, etc.