Data Protection & Privacy Officer at Ecobank Rwanda PLC (Closing date: December 1st, 2021)

0
1048

Ecobank Rwanda Plc.

P.O. BOX: 3268 Kigali – Rwanda

External recruitment Advert

Job Vacancy: Data Protection & Privacy Officer

Opening date:  November 24, 2021

Closing date:  December 1st, 2021

About Ecobank Rwanda Plc

Ecobank Rwanda Plc is a full-service bank that joined the Rwandan market in 2007 with the aim of providing a broad range of products and Services to Consumer, Commercial, and Corporates business segments.

The bank’s vision is to build a world-class bank and contribute to the economic development and financial integration of Rwanda and the region by providing customers with convenient and reliable financial products and services.

Ecobank Rwanda Plc is an affiliate under Ecobank Group and operates in Central East and Southern African (CESA) region.

In order to respond to our growing market with the required human capital, we are currently looking for experienced professional in the following area

Role Title: Data Protection & Privacy Officer

Reporting: Head Information Security

JOB PURPOSE:

Under the supervision of the Head Information Security, the Data Protection & Privacy Officer will drive compliance of enterprise information by identifying and mapping data; determine data protection and privacy requirements; prescribe security controls, prepare plans, assess all data held in all business systems; prepare/update data protection and privacy standards, prepare technical security policies, and procedures associated with data classifications.

  • The role requires specialist knowledge and understanding in financial services, obligations of data protection and privacy regulations, privacy technologies, and cybersecurity.
  • Ensure Ecobank Rwanda is current on data protection laws, regulations, and technical requirements to ensure the Bank is not exposed to privacy risks and penalties
  • Maintain the data protection & privacy program for Ecobank Rwanda in compliance with Rwanda Data Protection law, Cybersecurity regulation, GDPR, and other data protection requirements

KEY RESPONSIBILITIES:

  • Creating and maintaining data protection and privacy policies, procedures, and practices (Record of Processing documentation, review of data processing agreements, privacy by design, etc.)
  • Conducting data protection impact assessments and advice on issues where applicable.
  • Ensuring information security activities aligns with data protection and privacy requirements.
  • Interfacing with appropriate data protection regulatory authorities on compliance with data protection regulations.
  • Monitoring compliance with data protection regulations, other applicable data protection provisions, and strategies for protection of personal data, including the allocation of responsibilities, awareness-raising, and training of staff (e.g.: Human Resources) involve in the processing operations and related verifications.
  • Interfacing with appropriate internal and external stakeholders in Legal, Compliance, and Technology to adhere to legal, contractual, and supervisory authorities.
  • Embedding data protection and privacy requirements into technology services and new projects where applicable.
  • Maintaining data protection and privacy governance structure within the affiliate.
  • Ensuring data protection and privacy issues are addressed at appropriate meetings within the affiliate
  • Carry out routine tasks associated with data protection & privacy and Business continuity
  • Ensure privacy technologies and capabilities are embedded in all applicable/relevant solutions and projects
  • Liaises with contractors and service providers to ensure that all activities are in line with the Banks Information Security Policy and regulatory Business continuity requirement.
  • Provides Information Security and privacy Awareness training to all employees, and other third parties, ensuring proper information security clearance in accordance with established bank information security policies and procedures.
  • Initiates, facilitates, and promotes activities to create information security and privacy awareness within the Bank.
  • Develop and implement an ongoing risk assessment program targeting information protection& privacy and business systems. Recommend methods for vulnerability detection and remediation.
  • Perform information security risk, vulnerability assessments and serves as an internal assessor for data protection and privacy issues.
  • Report any incident occurred and address security incidents, respond to alleged policy violations from staff, contractors, and external parties.
  • Review of physical and logical protection of Information and ensure logical access management review is done and any non-conformity is reported
  • Carry out any other responsibilities that may be assigned by Management

QUALIFICATION REQUIREMENTS & EXPERIENCE:

  • A degree in Computer Science, Information Technology, MIS or Information Security and professional qualifications preferably in cybersecurity/data protection such as CISM, CDSPE, CIPP, CIPT etc.(a Plus)
  • Minimum of 3 years’ experience in the information security/cybersecurity/data protection roles with some experience in the financial services sector.
  • Background and expertise data protection & Privacy compliance, IT audit or IT security
  • Experience of promoting a data privacy culture of awareness and understanding (preferably within a Bank)
  • Experience of developing and assessing privacy policies and controls that minimize risk and ensure compliance
  • Experience of responding to potential privacy incidents, to mitigate risk, determine reporting requirements, and developing corrective action plans when needed
  • Demonstrated leadership and problem-solving skills, and ability to work under pressure
  • Experience of communicating effectively with the highest levels of management and decision-making individuals within the organization
  • Strong knowledge and experience in data security and privacy practices such as data sensitivity handling, data destruction, data stewardship, data management lifecycle, handling data breaches, etc.
  • Strong understanding of data protection principles, data management lifecycle, information classification, and data leak prevention technologies and capabilities
  • Background and expertise in national data privacy low, IT Security regulation, and Business continuity regulation compliance.
  • Relevant work experience of monitoring compliance with regulatory requirement and engaging with regulatory bodies.
  • Must demonstrate understanding of legal and regulatory matters affecting financial services industry.
  • Familiarity with privacy and security risk assessment, best practices and gap analysis, privacy certifications/seals, and information security certifications.
  • Team-player such that focus on the success of the team. Working well both with others, as well as individually, in a multicultural and multidisciplinary context
  • Knowledge of data protection legislation, particularly GDPR and national data protection law.
  • Experienced in Business Continuity management framework/standard.
  • Familiarity with computer security systems
  • Experience in managing data breaches
  • Experience in cooperation with supervisory authorities of any kind
  • Understanding the environment in which business operates and associated data protection risks.
  • Experience in conducting data protection impact assessments.
  • Understanding the national Data protection low and its requirements.
  • Must be able to balance business priorities, information security risks, emerging data threats and best practice of data protection & privacy to ensure confidentiality, integrity, and availability of the company’s information assets.
  • Monitoring and advising on the initial and ongoing data protection risk assessments (privacy impact assessments) to ensure that personal data is protected.
  • Ability to work in a multicultural environment and multi-task effectively.
  • Excellent written and verbal communication skills.
  • Able to learn new concepts, products, and technologies on the job.
  • Must demonstrate strong leadership skills as well as be able to effectively work collaboratively and cross-functionally with members of the IT organization and various lines of businesses.

Ecobank Rwanda Plc is an equal opportunities company and females’ candidates are encouraged to apply, If your career aspirations match this exciting opportunity, please write in confidence quoting the position on the subject matter

How to applyInterested candidates should send their application file (CV, Academic certificate, and cover letter) via the “Apply for this job” button not later than December 1st, 2021

Only those who strictly meet the criteria should apply for this position

Due to expected high volume of applications we cannot respond to all applications and will only be contacting shortlisted applicants.

                                       ______________________ Ends_____________________________

                                                            ECOBANK RWANDA MANAGEMENT

 






LEAVE A REPLY

Please enter your comment!
Please enter your name here