Information Privacy Officer : Information Communication and Technology (Eigo) (Pretoria) at FSCA South Africa

Purpose of the Job:

• The Information Privacy Officer is responsible for assisting development, implementation, maintenance and adherence to the organisation’s privacy policies and procedures which cover the collection, use, disclosure and privacy of personal information including assisting with activities related to Data and Information Governance.  

Key Performance Areas:

•  Maintain, evolve and implement the FSCA's privacy policies and procedures in coordination with appropriate members of the organisation, especially legal    counsel, but also the ICT security team, risk management officer and the compliance officer. 
•  Ensure that business units, technology teams and third parties follow the FSCA's privacy program, meet privacy policy requirements and address privacy     concerns.
•  Monitor the status and effectiveness of privacy controls across service offerings, ensuring that privacy-related key risk indicators are effectively     monitored to prevent an unacceptable impact on business objectives and reputation.
•  Assist with evaluating data security practices — in particular, logging, monitoring and auditing practices — to ensure they are not in conflict with   privacy  requirements.
•  Work with applicable regulators during the investigation of a privacy complaint against the organisation and support the litigation group in privacy-  related  litigation.
•  Assist with managing public perception of privacy practices for the organisation.
•  Prepare privacy awareness training and orientation for all employees.
•  Identify trends in privacy and regulatory requirements and compliance enforcement, and plan for changes.
•  Assist with data and information governance related initiatives

Requirements

• Bachelor's degree in business administration, law, finance, accounting, computer science or a related discipline, with at least 5 years’ experience in privacy, data governance, information management and security, risk management or compliance, preferably in financial services industry.
• One or more of the following certifications will be advantageous: Certified Information Privacy Professional (CIPP) and Certified Information Systems Auditor (CISA), as well as knowledge of the POPIA and GDPR.