. 1. Policy & Governance

• Develop, update, and enforce the company’s data privacy policies and procedures.
• Ensure policies are aligned with the Data Privacy Act, NPC Circulars, and international standards (e.g., GDPR, ISO 27701).
• Monitor internal compliance and provide regular privacy reports to leadership.

2. Risk Assessment & Compliance Monitoring

• Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Identify and address risks related to data processing and recommend corrective actions.
• Coordinate internal audits and compliance reviews.

3. Training & Awareness

• Lead data privacy training programs and awareness campaigns for employees.
• Ensure all staff are educated on data privacy principles and breach protocols.

4. Incident Management

• Oversee the data breach response plan.
• Investigate and document privacy incidents, and liaise with the National Privacy Commission (NPC) when necessary.
• Ensure timely reporting of data breaches as required by law.

5. Data Subject Rights & Third-Party Management

• Respond to data subject access requests (DSARs) and ensure rights are fulfilled (e.g., right to access, erasure, correction).
• Evaluate third-party contracts for data privacy compliance.

• Educational Qualifications: Bachelor’s degree in Finance, Risk Management, or a related field.
• Experience Level: 3-5 years of relevant experience in risk control or compliance.
• Skills and Competencies: Strong analytical skills, attention to detail, and proficiency in risk assessment tools.
• Working Conditions: Office environment, standard working hours, may require occasional overtime.
• Qualities and Traits: Proactive, organized, skilled communicator, and able to work under pressure.