Specialist, Data Privacy Standard Bank

Manage the day-to-day operations in the legal entity related to Data Privacy across the business, supporting the Legal Enity Data Privacy Officer in the implementation of the Business and Country specific Data Privacy Strategies, conduct assessments and analysis towards legislative and data privacy changes, gaps and requirements, compile reports in the applicable legal entities to advice on risk mitigation plans, thus to protect both the clients and Standard Bank from related data privacy risks.

• Maintain, implement and enhance governance processes by remaining abreast of any updates made to regulatory and compliance policies related to the Bank to ensure that legal entity remain in good standing with the overall policies of the Standard Bank Group.
Inform and advise stakeholders within the legal entity by disseminating best practice data privacy advice to guide individuals in the legal entity around the Group’s policies and data protection legislation to ensure the legal entity remains compliant with its obligations.
Investigate, analyse and interpret system information in order to provide reporting tools support, input into training on data privacy to ensure that staff members are familiar with data privacy policies, tools, requirements and processes, to enhance the performance and deliverables to clients.
• Analyse and interpret the Data Privacy strategy, in order to clearly formulate business requirements related the Data Privacy policies, processes, procedures, dashboards and reporting tools, in order to optimise business analysis tools, thus to allow business to make accountable strategic decisions.
• Manage and oversee the day-to-day legal entity business operations, in their enablement of data subject rights as outlined in the domestic data protection legislation.
• Support and collaborate with the legal entity Data Privacy Officer in operationalising both the operating model and incident management plan for the legal entity.
• Collaborate with the group data privacy teams, legal entity Product Owners, Product Manager and IT, on a regular basis to address and mitigate issues and provide input into the prioritisation of work, to ensure the management of potential risk and compliance issues for in-country data privacy legislative and regulated requirements.
• Provide reports on assessment and audit trails for review, as supporting evidence for all changes made on the system, processes and procedures as per compliance and risk management regulations.
• Liaise and ensure proper client relationship with internal and external stakeholders, keeping them informed as to decisions, resolutions and progress on enquiries and system enhancements and changes.
• Contribute to the implementation, oversight and maintenance of the legal entity’s Data Privacy and Protection Policy Universe, data management contract and regulatory matrix to ensure the appropriate governance and compliance restrictions are being applied and upheld to mitigate any potential gaps in data privacy and protection.
• Support and assist the legal entity Data Privacy Officer with developing and compiling relevant reports to internal committees and the domestic data protection regulator.
• Participate in Privacy Impact Assessments in collaboration with Group, Business Unit, and Legal Entity stakeholders and involving Procurement and Group Information Security or other stakeholder groups to manage and mitigate Privacy risk to the legal entity.
• Participate in the consolidation of a Group Regulatory Universe with Group colleagues and other Group affiliates in the same jurisdiction as the legal entity.
• Develop a deep understanding of the global regulatory environment affecting Data Privacy and Data Protection, specific to the legal entity’s processes and practices by being a key stakeholder in the process to deliver relevant advice and strategic guidance to process owners on applicable privacy laws, regulations, and best practices.

Qualifications
Minimum Qualifications
First Degree in; Information Technology; Legal; Computer Science or Business-related Degree – Mandatory
Post graduate degree in Information Technology, Legal is an added advantage

Other Minimum Qualifications, certifications, or professional memberships
• Legal, Compliance, Risk Management, Audit, Information Technology or any Business-related degree would be a minimum qualification requirement for this role as well as an appreciation of digital transformation and initiatives – Robotics; Innovation; Secure Development

Experience Required
4 – 5 years experience in extensive and expert knowledge and management of Data Privacy preferable within Financial institutions, taking ownership pertaining to the legal and Information technology oversight regarding regulatory jurisdiction and cross-border aspects into account in order to safeguard the institution, legal entities and and clients safe at all times. Drive automation and continuous improvements of banking systems and platforms

Legal Compliance; The ability to comply with relevant legislation, regulatory and professional standards. Proficiency Level 4 ADVANCED – Mastered the concept, able to act independently, provides guidance and training to others

Information Management; The ability to plan, develop and execute an enterprise information management framework, to improve the accuracy, integrity and accessibility of information. Proficiency Level 3 SEASONED – Applies concepts without requiring supervision, able to provide technical guidance when required.

Promote Good Governance, Risk & Control; The ability to assess governance and control frameworks against the appropriate risk appetite and enhance the risk management culture in line with the organisational objectives. Proficiency Level 4 ADVANCED – Mastered the concept, able to act independently, provides guidance and training to others

Risk Management: Demonstrates knowledge and understanding of risk management methodologies, tools, governance structures and regulatory requirements for good management of risk. Proficiency Level 4 ADVANCED – Mastered the concept, able to act independently, provides guidance and training to others

Compliance: The ability to interpret regulations and laws that apply to the business and to provide information to business on how to comply. Proficiency Level 4 ADVANCED – Mastered the concept, able to act independently, provides guidance and training to others

Financial Industry Regulatory Framework: Insight into and understanding of the various laws and regulations regulating the financial services industry. Proficiency Level 4 ADVANCED – Mastered the concept, able to act independently, provides guidance and training to others

Additional Information
Behavioral Competencies:
• Adopting Practical Approaches
• Articulating Information
• Challenging Ideas
• Checking Details
• Examining Information
• Exploring Possibilities
• Interpreting Data
• Meeting Timescales
• Producing Output
• Providing Insights
• Team Working
• Upholding Standards

Technical Competencies:
• Analysing Insurable Risk
• Compliance
• Evaluating Risk Management Effectiveness
• Information Security Management
• Risk Awareness
• Risk Management