Risk, Audit and Compliance
Career Stream
Regulatory Compliance
Leadership Pipeline
Manage Self: Professional
Job Purpose
- To provide privacy expertise and guidance to stakeholders on the protection of personal information to ensure compliance to relevant legislation and to mitigate risks.
- Providing support on all privacy related matters.
- Assisting with the clusters privacy reporting.
- Managing the privacy incident management process to ensure all cluster incidents are logged, investigated and mitigated timeously and that the relevant notifications meet regulatory requirements.
- Assisting with the development of privacy related training for employees.
- Keeping abreast of all developments in privacy laws and regulations in the jurisdictions that impact the cluster.
- Leading Privacy Impact Assessments and ensuring that appropriate measures are implemented to mitigate risks identified in the assessments.
- Managing the clusters inventories of processing activities.
- Assisting in responding to data subject access requests as they pertain the cluster.
- Provide advice on all aspects of the protection of personal information
- Ensure that Privacy risks and issues are identified, escalated and appropriately managed
- Contribute to a culture of transformation by participating in Nedbank culture building initiatives, business strategy, and CSI.
- Build and manage relationships with key stakeholders.
- Build and maintain collaborative relationships with internal stakeholders through engagements and sharing of expertise to ensure understanding of, and alignment to regulatory requirements as set by relevant legislation.
- Any other duties as assigned by the Cluster Privacy Representative
- Advanced Diplomas/National 1st Degrees
- Bachelor's Degree: Law, Com[liance and Risk Management
- 2-3 years experience in a compliance related role
- Experience in privacy laws and practices
- Experience with identifying, analysing, and reporting on risk indicators related to Data Protection and Privacy
- Relevant Data Protection and Privacy related certification such as CIPP, CIPM, CIPT would be an advantage
- Data Protection and privacy auditing experience would be an advantage
- Change management
- Cluster specific operations
- Compliance reporting
- Governance, Risk and Controls
- Relevant regulatory knowledge
- Relevant software and systems knowledge
- Reputational risk management
- Risk management process and frameworks
- Stakeholder management
- Codes of Good Governance
- Influencing
- Building Trusting Relationships
- Managing Work
- Quality Orientation
- Stress Tolerance
