GRC – Data Privacy Business Partner Associate

Job Description

<strong>Overview</strong><p><br></p><strong> Position </strong><p><br></p>Data Privacy Business Partner Associate<p><br></p><strong> Job Code </strong><p><br></p><strong> Reports to </strong><p><br></p><strong> Gemma Normile </strong><p><br></p><strong> Direct Reports </strong><p><br></p><strong> n/a </strong><p><br></p><strong> Division/Section </strong><p><br></p><strong> Department </strong><p><br></p><strong> Data Privacy </strong><p><br></p><strong> Sector </strong><p><br></p><strong> Governance Risk Compliance (GRC) </strong><p><br></p><strong> Job Family </strong><p><br></p><strong> Role Purpose </strong><p><br></p>The Data Privacy Business Partner Associate (the Associate) will operate as a member of the Data Privacy Office at NEOM Company, delivering a range of data privacy activities to ensure compliance with applicable regulations, and undertaking tasks to assist in embedding and maturing a state-of-the-art data privacy framework at NEOM.<p><br></p>The NEOM Data Privacy Office is a new function and is evolving rapidly to support the changing needs of the business. The Associate will be required to support the Data Privacy Business Partner in her day-to-day tasks as they evolve and will be expected to multi-task within the office in addition to focusing on the specialist areas set out below.<p><br></p><strong>Key Accountabilities &amp; Activities</strong><p><br></p><strong> Training </strong> <strong>and Awareness</strong><p><br></p><ul><li> Assist in the execution of a data privacy training and awareness plan </li><li> Develop materials for training and awareness on all components of the data privacy framework </li><li> Support delivery of both general awareness activities and targeted training initiatives </li></ul><p><br></p><strong> Record of Processing Activities (RoPA) </strong><p><br></p><ul><li> Work with all entities across NEOM Company to maintain the ROPA </li><li> Assist with the implementation of procedures across all NEOM entities for updating and validating the ROPA </li><li> Assist with the implementation and maintenance of tools to automate the ROPA process </li><li> Ensure that the ROPA is maintained, updated and validated according to procedures </li></ul><p><br></p><strong> Data Subject Rights (DSR) Requests </strong><p><br></p><ul><li> Maintain procedures for managing DSR requests </li><li> Assist with the implementation of procedures across all NEOM entities for managing DSR requests </li><li> Assist with the implementation and maintenance of tools to automate the DSR management process </li><li> Ensure DSR requests are managed according to procedures </li></ul><p><br></p><strong> Stakeholder Management </strong><p><br></p><ul><li> Handle inquiries and requests from stakeholder across all NEOM entities </li><li> Build an effective relationship with stakeholders across all NEOM entities </li></ul><p><br></p><strong>Background, Skills &amp; Qualifications</strong><p><br></p><strong> Knowledge, Skills and Experience </strong><p><br></p><ul><li> Minimum 3 years of data privacy experience in a global organisation (first or second line) with other commercial experience of process and change implementation an advantage </li><li> Experience of working with multiple departments to support the delivery of team goals </li><li> Experience in developing and delivering training and awareness initiatives in a regulated environment a distinct advantage </li><li> Experience in drafting privacy procedures and processes (first or second line) </li><li> Demonstrated understanding and application of data privacy laws and regulations </li><li> Experience in implementing process changes and controls to mitigate risks and address regulatory requirements (first or second line) </li><li> Experience in project management and change management an advantage </li><li> Experience in building and maintaining a RoPA </li><li> Good written and oral communication skills and ability to engage a variety of stakeholders and tailor messages to intended audience </li><li> Good commercial awareness and ability to develop and implement practical compliance solutions which enable business objectives </li><li> Motivated self-starter with ability to work on own initiative </li></ul><p><br></p><strong>Qualifications</strong><p><br></p><ul><li> Bachelor Level Degree </li><li> Data Protection certifications preferred or willingness to pursue certification on take up of role </li></ul><p><br></p><strong> COMMUNICATION – MAIN STAKEHOLDERS </strong><p><br></p><strong> Internal </strong><p><br></p><strong> External </strong><p><br></p>GRC Departments<p><br></p>Business Departments / Privacy Champions<p><br></p>Communications Teams