Data Protection Officer

Dubai, United Arab Emirates

Job Description

Majid Al Futtaim invites you to join us in our quest to create great moments for everyone, everyday! We are the leading shopping mall, residential communities, retail and leisure pioneer across the Middle East, Africa and Asia, serving over 560 million visitors a year. For the past two decades, we have shaped the consumer landscape across the region, transforming the way people shop, live and play, while maintaining a strong sustainability track record and the largest mall in the world to attain LEED Gold EBOM Certification. We have over 45,000 team members in 17 international markets representing over 100 nationalities - all keeping the customer at the heart of everything we do. If you enjoy being BOLD, PASSIONATE and TOGETHER, then Majid Al Futtaim is the destination for you.ROLE DESCRIPTIONTitle:Data Protection OfficerDivision/DepartmentMAF XSIGHT Future SolutionsLocationDubai, United Arab EmiratesManaging/Leading (if applicable):5-10 resources in multiple locationsRole Purpose:Based in Dubai, and reporting into the Director of Data & Technology within the FS business, the Data Protection Officer (DPO) is responsible to manage responsibilities including monitoring its data controller\'s, or data processor\'s, compliance with the DIFC Data Protection Law, and any policies relating to the protection of personal data (such as training of staff involved in personal data processing operations, and the data protection audits). The role will be responsible for ensuring compliance to local data privacy regulation in UAE e.g. UAE PDPL, DIFC PDPL as well as other global data protection regulations in jurisdictions where the company operates in. It will identify and mitigate business, employee, vendor and customer privacy risks, demonstrate an effective and auditable framework to enable compliance with applicable data protection laws and regulations and respond effectively to privacy breaches and data subject requests. The role will be tasked to maintain data protection registrations and liasing with the relevant data protection regulators in audits, handle incident responses and privacy investigations.Establish and manage the Data Governance and Privacy Office for FS business, and ensure the implementation and execution of MAF data governance and privacy policies as well as policies related to specific functions such as PCI DSS. In alignment with Holding Legal team, the role will assist in facing-off to customer and regulatory enquires on privacy matters - and will stand up any additional frameworks deemed necessary for the FS business.Role Details - Key Responsibilities and Accountabilities:
  • To ensure compliance with all applicable data protection laws and regulations, including liasing with data protection regulators in the region.
  • Define privacy obligations for the organization
  • To act as a subject matter expert (SME) for data privacy matters, laws and regulations both internally within the functions and business units as well as externally with third parties, vendors and partnerships. To be the point of contact with data privacy regulators, supervisory authorities and other key stakeholders.
  • Identify and mitigate business, employee, vendor and customer privacy risks
  • Ensure proper documentation exists around policies and procedures around the management of personal information
  • To identify and evaluate data processing activities and monitor data management procedures and compliance.
  • To partner with all key functions within the company and business, in particular with IT Security, IT team, Human Capital, Compliance, Marketing, Finance and Operations to ensure data privacy issues are considered by default and from the start of new projects, products and initiatives and throughout the entire lifecycle.
  • To conduct and/or support privacy impact assessments (PIA) or data protection impact assesments (DPIA) where applicable.
  • To ensure records of data processing operations are kept, to monitor local and international developments in data protection regulations and advise on the applicable frameworks.
  • Conduct training on data privacy regulations and compliance for employees.
  • Continually monitor, maintain and improve the maturity of the privacy program
  • Perform regular audits in order to determine if policies and procedures need to be altered in order to comply with regulations.
  • To provide support to the regional legal and compliance team as required on all data privacy matters.
  • Raise the data IQ of the organization to drive and embed a privacy-oriented culture
  • Respond effectively to privacy breaches and data subject requests
Definition of Success
  • The Revenue target for Data Solutions is approximately AED 180 Million annually 2024 onwards (5 million in 2023), out of which on a scale of 1 to 5 with 5 being highest,, the role at the level 4 plays a critical role in securing the entire revenue target by ensuring regulatory compliance and adherence to data protection law with zero untoward incidents
  • The estimated budget spent is approximately AED 90 Million annually for Data solutions, out of which on a scale of 1 to 5, with 5 being highest, this role will be responsible for ensuring at the level 4, the budgeted spend is done in a manner which is aligned to policy framework form Holding Compliance, as pre IT strategy and according to the Laws applicable in DIFC
  • Out of the revenue target of AED 180 Million , out of which on a scale of 1 to 5, with 5 being highest, this role will be responsible for ensuring at the level 5, to unlock potential partnership opportunities by deep understanding of laws applicable to data sharing and data economy by enabling and securing 10% of the revenue target
Functional/Technical CompetenciesThe successful candidate will have an exceptional track record of implementing and supporting data privacy programs using frameworks to establish compliance with applicable privacy laws and regulations, specifically the UAE PDPL, DIFC PDPL.They will have deep working expertise, including familiarity with the latest laws and regulations related to data governance and privacy to ensure protection of PII, reduce risks of data breaches, monitoring and auditing of the program performance, know how to create awareness and conduct training on importance of data governance and privacy. They will promote trust and confidence in the data entrusted by individuals, including consumers and employees.They will be an a change agent, capable of articulating and presenting a clear and compelling vision, strategy and framework. Highlight that MAF FS takes its data privacy obligations seriously. Create, revise and implement policies and procedures that effect positive practices and together comprise a privacy program.Summary of required experience and attributes
  • Experienced data protection professional with proven experience in a data protection or similar compliance-based role.
  • Knowledge of data protection laws and practices
  • Experience in use and implementation of data governance toolsets (Informatica EDC, Axon; Collibra)
  • Experience on Privacy and Security software such as OneTrust
  • Knowledge of industry standards and codes of conduct for example PCI DSS
  • Good verbal, interpersonal, and written communication skills
  • Enthusiastic team player with strong relationship and empathy building skills. Well-developed influencing skills.
  • Analytical approach to reviewing issues and having a problem-solving mind set.
  • Good organizational skills and able to work independently and autonomously with the ability to prioritize and work to tight deadlines
  • Recognize and escalate issues when appropriate
  • Knowledge in conducting Privacy impact assessments
  • Knowledge on data subject rights, their applicability and consequences if not acted upon appropriately
  • Knowledge on privacy audits
  • Experience in implementing Privacy-by-design in projects
  • Able to conduct cross-functional collaboration with Legal, IT, Information Security, Compliance and other teams
Personal Characteristics and Required Background:Personal characteristics
  • Will be a proactive problem solver with immediate professional and intellectual credibility and an impactful style. Will be collaborative, low-ego, pragmatic, and excited about Majid Al Futtaim. Strong relationship management skills with the ability to manage complex stakeholders and external relationships. Will live and breathe Majid Al Futtaim\'s values.
Minimum experience
  • 15+ years of experience with data, data protection and privacy
Minimum Qualifications/education
  • Bachelor\'s degree in computer science, information management or data related field from a top university
  • Certifications in CIPP/E and CIPM will be preferred

Majid Al Futtaim

Beware of fraud agents! do not pay money to get a job

MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD1661601
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Dubai, United Arab Emirates
  • Education
    Not mentioned