Job Summary

• The Data Protection Officer (DPO) will oversee the bank’s data protection strategy and its implementation to ensure compliance with regulatory requirements.
• The DPO will act as a point of contact between the bank, regulatory authorities, and customers regarding data protection and privacy issues.
• The role involves advising the bank’s leadership and staff on data processing practices, conducting data protection impact assessments, and ensuring that data processing activities comply with applicable laws and regulations, including the Nigeria Data Protection Regulation (NDPR) and GDPR where applicable.

Key Responsibilities

• Compliance Monitoring: Monitor the bank’s adherence to data protection laws and internal policies through regular audits and assessments. Develop and maintain the data protection framework and ensure continuous improvement.
• Policy Development and Implementation: Develop, implement, and maintain data protection policies, guidelines, and procedures across all business units.
• Risk Management: Identify potential risks and vulnerabilities related to data privacy and security. Conduct regular data protection impact assessments (DPIAs) and advise on appropriate measures to mitigate risks.
• Data Subject Rights: Manage and respond to data subject requests regarding their rights under the NDPR and GDPR, such as access, rectification, and deletion of personal
• Training and Awareness: Develop and deliver training programs to staff on data protection and privacy policies, ensuring awareness and understanding of their responsibilities.
• Incident Response: Lead the response to data breaches or other incidents involving personal data, including investigation, mitigation, and reporting to relevant authorities.
• Liaison with Regulatory Bodies: Act as the contact point for regulatory authorities on matters relating to data protection, including reporting and consultation regarding significant changes to data processing activities.
• Advisory Role: Provide advice and recommendations to senior management on data protection implications of new projects and business initiatives.
• Documentation and Reporting Maintain comprehensive records of data processing activities and regularly report to the bank’s leadership on compliance status, risks, and areas of improvement.

Qualifications and Experience

• Bachelor’s Degree in Law, Information Technology, Computer Science, or a related field. A master’s degree is an added advantage.
• Professional certification in data protection (e.g., Certified Information Privacy Professional – CIPP, Certified Data Protection Officer – CDPO) is required.
• Minimum of 5-7 years of experience in data protection, privacy, or a related role, preferably within the financial services industry.
• In-depth knowledge of the Nigeria Data Protection Regulation (NDPR), GDPR, and other relevant data protection laws and practices.
• Strong understanding of IT security and data protection technologies.
• Excellent communication and interpersonal skills, with the ability to work effectively with stakeholders at all levels.

Key Skills:

• Analytical Thinking: Ability to assess risks and implement solutions to complex data protection issues.
• Detail-Oriented: Keen attention to detail, especially when interpreting legal and regulatory requirements.
• Project Management: Strong organizational and project management skills to manage multiple priorities and deadlines.
• Problem-Solving: Proactive approach to identifying and addressing potential data protection issues.
• Leadership: Ability to lead and influence cross-functional teams to ensure compliance with data protection regulations.
• Reports To: Chief Compliance Officer (CCO) or Chief Risk Officer (CRO)

Remuneration
Competitive and commensurate with experience.