Information Security Privacy Manager

• Manage data and privacy policy and practice throughout the organisation in line with the relevant laws.
  
• Manage GDPR accountability principle by the maintenance and development of an appropriate framework.
  
• Develop and maintain appropriate policies and other documentation and record systems.
  
• Maintain an appropriate data dashboard for compliance monitoring.
  
• Conduct internal audits to ensure organisational policy and procedure is adhered to.
  
• Maintains records of processing of personal data takes the lead in developing data protection and related policy and procedures.
  
• Ensure adequate data mapping and DPIAs are undertaken and recorded as appropriate.
  
• Develop/enhance the information security and personal information management systems.
  
• Review processes and practices against independent standards for PIMS and SIMS.
  
• Draft and advise on relevant policies data sharing agreements data and privacy provisions of legal contracts and associated contracts and liaise with the legal department in the coordination of advice.
  
• Manage the internal privacy dashboard including staff accessibility to relevant policies guidance forms and training materials.
  
• Lead the program of work for data champions.
  
• Identify assess and evaluate risk and manage the data risk register and ensure they are communicated appropriately.
  
• Provide advice on information governance data and privacy matters.
  
• Ensure all new and ongoing projects are supported with an appropriate level of data and privacy expertise.
  
• Advise the business on relevant case law and other legal and regulatory developments.
  
• Manage the network of data champions to ensure they have the skills and tools to support their activity.
  
• Inform and advise all staff and relevant members on their data and privacy obligations.
  
• Develop and deliver staff awareness programs and training for the business.
  
• Drive workplace culture of transparency and accountability.
  

Requirements

• Knowledge of Data protection and other data privacy legislation including (NDPR GDPR etc.)
  
• Experience in privacy and security risk assessment and best practice mitigation including significant handson experience in privacy assessments privacy certifications/seals and information security standards certification.
  
• Significant experience in IT operations and programming including attainment of information security standards certifications and privacy seal/marks.
  
• Experience in global privacy laws including drafting of privacy policies technology provisions and outsourcing agreements.
  
• Experience in dealing successfully with different business cultures and industries.
  
• Excellent verbal written and interpersonal communication skills with the ability to communicate effectively with IT project and development teams management and business stakeholders.
  
• Developing and delivering employee training programs.
  
• Skilled in articulating information security policies procedures and guidelines to all levels of management and staff.
  
• Demonstrated leadership skills achieving stated objectives involving a diverse set of stakeholders and managing varied projects.
  
• Have excellent negotiation skills to interface with NDPR on behalf of the company represented.
  
• Demonstrated client relationship skills to continuously coordinate with controllers.
  
• Communication skills to speak with a wideranging audience from the board of directors to data subjects from managers to IT staff and lawyers.
  
• Ability to speak in the language of the average Nigerian citizen not in technical or legal jargon to handle requests and complaints from data subjects.
  

• Bachelor s Degree in Information Security Information Technology or a similar major.
  
• 10 years strong project management and reporting experience with a minimum of 2 years experience in privacy regulatory compliance (e.g. CCPA CPRA GDPR LGPD).
  
• Experience in Privacy Management Platform solution(s) (e.g. OneTrust)