Data Protection Officer at COPEDU PLC | kigali : Deadline : 05-06-2026

COPEDU Plc is a Public Limited Company licensed by the National Bank of Rwanda to operate as a Financial Institution registered in the Office of the Registrar General with Company Code:100544628, P.O Box.4053, Kigali. COPEDU Plc is a Deposit Taking Financial Institution operating in Rwanda offering Banking services as mandated under the Rwandan law.

COPEDU Plc wishes to encourage all qualified, capable, and interested candidates to apply for the position of Data Protection Officer.

Department: Cyber Security Unit

Reports to: Manager Cyber Security

Location: Kigali

General description

The Data Protection Officer (DPO) is responsible for overseeing and ensuring that COPEDU PLC processes personal data in compliance with applicable data protection laws and regulations, including the protection of customer and business information. The role involves managing all aspects of data protection, ensuring confidentiality, integrity, and security of personal data across the organization.

Key Responsibilities

• Develop, implement, and monitor COPEDU PLC’s data protection and privacy program to ensure compliance with applicable data protection laws and regulations;
• Establish, review, and enforce data protection policies, procedures, and internal controls across the organization;
• Conduct regular Data Protection Impact Assessments (DPIAs) and risk assessments to identify, evaluate, and mitigate risks associated with the processing of personal data;
• Monitor organizational compliance with data protection requirements and recommend corrective actions to address identified gaps;
• Serve as the primary point of contact for data protection matters, including engagement with regulatory authorities and responses to data subject inquiries;
• Ensure the implementation and maintenance of appropriate technical and organizational security measures to safeguard personal data against unauthorized access, disclosure, alteration, loss, or destruction;
• Maintain and regularly update records of processing activities in accordance with regulatory requirements;
• Ensure that data subject rights, including access, rectification, erasure, restriction, objection, and data portability, are handled effectively and within legal timelines;
• Monitor, investigate, document, and report personal data breaches, ensuring timely notification and response in compliance with applicable regulations;
• Provide guidance, awareness, and training to employees and stakeholders on data protection principles, privacy obligations, and best practices;
• Collaborate with IT, Legal, Compliance, Risk, and other relevant departments to ensure consistent and effective data protection practices throughout the organization;
• Advise senior management on data protection risks, compliance obligations, and mitigation strategies to strengthen organizational accountability;
• Stay informed about developments in data protection laws, regulations, technologies, and emerging privacy or cybersecurity threats, and recommend necessary updates to organizational practices.
  
  
  
  

REQUIRED PROFILE AND QUALIFICATIONS

• Bachelor’s degree in Information Technology, cybersecurity, computer science, or a related field with a strong focus on data protection, privacy, risk management, legal compliance; with at least 2 years of experience in data protection, privacy management, or compliance, preferably within the financial services or banking industry.
• Certifications such as CIPP, CISM, CISSP, or similar privacy and security certifications are value added.
• In-depth understanding of data protection laws and best practices for managing personal data securely.
• Ability to conduct data protection impact assessments and identify potential risks in data processing activities.
• Strong ability to communicate data protection issues clearly to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills
• Capability to address data protection challenges effectively and develop solutions to mitigate risks.
• Proven experience in educating and training staff in data protection and privacy best practices.

All applications must include:

• A motivation letter;
• A copy of the National ID;
• A detailed Curriculum Vitae (CV);
• Copies of academic and professional certificates.
• Copies of certificates of rendered service.
  
  
  
  

COPEDU PLC offers the following staff benefits:

• Competitive and attractive salary package based on experience and qualifications
• Annual leave allowance;
• Long service recognition allowance;
• Preferential interest rates on staff loans;
• Annual performance bonus based on individual and company performance;
• Medical insurance coverage;
• Supportive and collaborative working environment;
• Opportunities for continuous professional development and career advancement;
• Etc.

Candidates are required to send their applications in One (1) pdf document through the email; hr-recruitment@copeduplc.rw not later than 05/06/2026. Only selected candidates will be contacted.

Done on 25/05/2026.

KABERA RWAGATARE Charles 

Executive Director