• Job Description

  Req#: R-15955811

  Bring your possibility to life! Define your career with us

  With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

  Job Summary

  To ensure that ABSA Group Limited is compliant with all Data Privacy (DP) laws and regulations governing the operations across Absa Group including but not limited to regulatory guidance, policies, and standards. This is achieved through policy setting and shaping, integrating of market conduct and fair treatment of customers principles into all business decisions, ensuring that Absa’s internal controls adequately measure and manage the Data Privacy risks it faces, also effectively supporting business areas in their duty to comply with regulations and polices. Serve as the Information Officer for the group as required by regulation.

  Job Description

  Leading the effective ongoing implementation and oversight of the DP risk across Absa’s global business. The Group Head Data Privacy and Protection will work closely with stakeholders in our functions and regions to ensure that appropriate controls, across people, process and technology, are put in place to support compliance with data protection laws and regulations, industry standards and Absa’s DP policies.

  Key Responsibilities:

  • Establishing and overseeing the DP risk throughout Absa’s operations, including identifying emerging risks, defining appropriate policies and processes, performing data protection impact assessments and embedding data protection by design, creating go-to-market collateral and engaging with Absa’s clients on DP matters, and preparing executive and management reports. • Work closely with stakeholders in Absa’s functions, regions and service divisions to embed data protection by design and by default in our strategic projects, business processes, applications, systems, databases, and services.
  • Ensure d ocument ation and assess ment of DP risks in the business and develop strategies to manage or mitigate them in collaboration with business stakeholders.
  • Work closely with the legal team to ensure that changing regulatory requirements are adopted in the DPP programme and that Absa contracts (including data processing agreements, standard contractual clauses), privacy statements and terms of service accurately reflect Absa’s processing activities, technical and organisational measures, and supplementary measures.
  • Support the business to document the record of processing, including applicable data flows and cross-border transfers of personal data, and ensure that this is maintained so that it remains accurate, complete and up to date.
  • Support and advise the business in responding to data subject requests in accordance with applicable laws and regulations and Absa’s DP policies and processes.
  • Support and advise the business in the investigation, response, resolution, notification and closure of personal data breaches in accordance with applicable laws and regulations and Absa’s DP policies and processes.
  • Advise the business on its data protection obligations under applicable laws and regulations and Absa’s policies and standards.
  • Monitor developments in global data protections laws and regulations, understand the impact for Absa and put in place appropriate mechanisms to support compliance.
  • Provide guidance, training and awareness to key stakeholders on DP.
  • Monitor and evaluate the effectiveness of the DP programme and achievement of control objectives across our business.
  • Maintain technical expertise by keeping abreast of developments in DP, participating in industry forums and undertaking continual training and development Knowledge.

  Skills and Competencies:

  • Demonstrates a strong understanding of data protection by design practices and the implementation of data protection by design in technology solutions.
  • . Demonstrates strong analytical skills, including the ability to assess risk and impact from a DPP perspective.
  • Demonstrates a pragmatic and risk-based approach to DPP.
  • Excellent leadership, creativity, presentation, writing and collaboration skills.
  • Excellent written and verbal communication skills (including leadership and no-leadership) and negotiation skills.
  • Ability to thrive under pressure, function and deliver effectively in a fast-paced environment.
  • Ability to work well independently and productively with minimal supervision. Proactive in approach with high levels of motivation, being a self-starter with good planning and organising skills.
  • Ability to work well in a team environment. Demonstrates strong stakeholder engagement skills coupled with the ability to conduct presentations to both technical and non-technical stakeholders.
  • Positive role model, demonstrating the ability to coach, inspire and mentor others. Strong critical thinking and decision-making skills.
  • Ability to critically assess technology solutions to identify potential data protection gaps and opportunities for improvement.
  • Strong organisational and project management skills, including the ability to manage competing tasks and prioritise effectively.
  • Experience managing complex projects and working alongside cross-functional teams.
  • Firm grasp of DP concerns, best practices and industry standards relating to financial services and cloud technologies, as well as emerging technologies.
  • Deep knowledge of local and global data protection laws and regulations including the Protection of Personal Information Act (POPIA), Promotion of Access to Information Act (PAIA) and European Union General Data Protection Regulation (GDPR)
  • Operates with a high degree of integrity.

  Leadership Accountability:

  Supervising and providing direction on data privacy operational advice given by the GPO and across all markets, including relating to data protection terms in agreements, marketing and privacy issues, policy matters, rights requests, product development, accountability matters, litigation and investigations, data transfers, regulatory approvals, compliance projects and market launches; Participating in and supporting the operation of various data and AI governance forums;; Managing a network of DPOs and global privacy resources and ensuring consistency of approach on privacy and technology matters globally; Providing strategic advice and policy support on digital products and strategy; Keeping up to date with the latest developments in regulatory and industry trends. Interaction and engagement with relevant regulatory authorities and bodies, and lead on regulatory developments and industry association discussions.

  Education and Experience Required:

  • Bachelor’s degree, or other relevant certifications
  • 5+ years’ relevant leadership experience in DP risk management, processes, practices, technologies, risk management, audit or compliance.
  • Track record of advising on complex data protection matters with practical advice.
  • Experience in risk management activities and practices (preferred).
  • Some experience in cyber security management and control (preferred).
  • Experience in working with or advising large, multinational organisations.

  Education

  Bachelor`s Degrees and Advanced Diplomas: Business, Commerce and Management Studies (Required)

  Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

  Absa Bank Limited reserves the right not to make an appointment to the post as advertised

• About the company

  Absa Group Limited, and originally Amalgamated Banks of South Africa, is a South African-based financial services group, offering personal and business banking, credit cards, corporate and investment banking, wealth and investment management, as well a...

Notice