Job Description

The Position holder will report to the COE Lead – Customer Privacy and the role purpose will be:

• Mission: Embed company-wide data privacy compliance in order to guarantee safety and security of customers resources.
• Review and offer advice on data governance, processing activities and/or data breaches for Safaricom Plc
• Monitor compliance with applicable national and international laws and regulations pertaining to data protection and privacy
• Provide advice on the implementation of appropriate policies and guidelines to establish and maintain data protection compliance
• Contribute towards establishing a strong culture of data protection across stakeholders through carrying out appropriate training and awareness

Job Responsibilities

• Identify, evaluate and maintain records of Safaricom Plc’s data processing activities, in conjunction with subsidiary management as appropriate
•  Provide advice and conduct Data Protection Impact Assessments (DPIAs) as required
• Monitor data management procedures and ensure privacy compliance within Safaricom Plc and  group companies
• Share advice and guidelines for implementing privacy by design and privacy by default in all products and systems
• Ensure all queries from data subjects seeking to exercise their rights are responded to within required timeframes
• Update detailed guidelines via data protection policies as required
• Plan and conduct annual training and tailored awareness programmes for  stakeholders
• Conduct ISO risk assessments on the organization’s privacy programme  in accordance with the integrated framework
• Certification and maintenance of ISO 27701 PIMS programme
• Close all gaps identified through internal and external reviews

Qualifications 

• Legal, business or IT security degree
• 2 – 5 years of experience in data protection, compliance, security and legal compliance/audit
• Privacy certifications such as CIPP/E, CIPM and ISO 27701 an added advantage