- Designing, implementing and operationalising the following initiatives on personal data protection:
o data protection policies, standards and processes
o privacy training and awareness to employees
o risk management initiatives
o privacy compliance assessments, and
o oversight and monitoring
- Enforcing the data protection compliance and fulfillment of Digi's obligation as a Data User, set forth by the Malaysian Personal Data Protection Act 2010 (PDPA) and Digi's data protection policies.
- Monitoring the legal requirements, Authority's guidelines, court case laws and good practices on data protection and implementing it into the company's practice and policies.
- Work with the cross-functional team to manage projects on a timely manner. Key parties you would work with would include but not limited to Privacy Ambassadors and IM representatives, as well as stakeholders from Information Security, Technology, Marketing, and Human Resource.
- Perform data protection impact assessment on business partners and business/IT transactions.
- Conduct monitoring of performance and compliance with data processing obligations pursuant to local law and company policy.
- Provide continuous advise to business and management on matters relating to PDPA and privacy requirements.
- Reviewing and drafting data protection related internal policies, privacy notice, and contracting clauses from a data protection perspective.
- Develops and executes privacy communication campaigns to employees.
- Information Management (IM) portfolio: (1) Participate in the Group IM forum, (2) Develop policies, standards and processes in IM, (3) Implement and ensure compliance with IM policy, (4) Design and implement activities to ensure IM best practice, (5) Conduct monitoring and compliance assessments, and (6) Develop and execute IM communication campaigns to employees.
- Degree in Law, Information Technology, Finance or equivalent.
- in-house lawyer with experience working on PDPA matters is welcome to apply.
- Work experience in managing personal data, information management and compliance portfolio. Legal or banking compliance experience a bonus.
- A deep understanding of data governance and protection standards, best practices, policies and procedures within business.
- Minimum 5 years of experience in related field.
- Job responsibilities will require that this individual have good communication and writing skills and interpersonal skills to effectively influence company employees and managers.
- Good in writing to develop and document policies, standards, processes and procedures.
- Must possess strong project management skills.
- Works well under pressure with people.
- Ability to work independently with very little supervision, and able to move forward ways on how to do things effectively and efficiently.
- Analytical thinking skills and is detail oriented.
- Ability to multi task several activities at a time and balance priorities and work activities for the benefit of multiple key stakeholders.
- Good team player, who is respectful, passionate about work and excellent at building relationships with co-workers.
- Ability to travel (minimal).
- Skilled in Microsoft Excel, PowerPoint and Word.