Role Purpose The Data Protection Officer leads the organizations compliance with the Saudi Personal Data Protection Law (PDPL) and oversees the protection of personal data across the group and its subsidiaries. The DPO monitors compliance, advises the business, acts as the contact poin...
Additional Information
The Role Role Purpose The Data Protection Officer leads the organizations compliance with the Saudi Personal Data Protection Law (PDPL) and oversees the protection of personal data across the group and its subsidiaries. The DPO monitors compliance, advises the business, acts as the contact point for data subjects and for SDAIA, and provides independent assurance that personal data is processed lawfully, fairly and securely. KEY RESPONSIBILITIES, ACCOUNTABILITIES AND ACTIVITIES General · Monitor and oversee ongoing compliance with the PDPL, its Implementing Regulations and the SDAIA DPO Rules across all processing activities of the group and its subsidiaries. · Act as the contact point with SDAIA and with data subjects; register and keep the DPOs contact details current on the National Data Governance Platform. · Advise the business on data-protection obligations and review new products, services, systems and processing activities before launch. · Maintain the Records of Processing Activities (RoPA) and oversee Data Protection Impact Assessments (DPIAs) for high-risk processing. · Ensure breach response plans are adequate and effective; notify SDAIA within 72 hours of becoming aware of a notifiable breach, and notify affected individuals where the breach is high-risk. · Manage requests for access, correction, deletion, objection and portability within the statutory timeframes. · Ensure an approved transfer mechanism (SCCs or BCRs) and a transfer risk assessment are in place before any personal data leaves the Kingdom. · Deliver data-protection awareness, training and knowledge transfer across the organization. · Prepare periodic compliance reports and recommendations for senior management and the Data & AI Governance Committee. Work with the CISO on security controls for personal data and with the CDPO on the wider data-governance programme.
Requirements Qualifications · Degree in law, information governance, information technology, risk or a related field. · A recognised privacy certification (e.g., CIPP/E, CIPM, CDPO, ISO 27701 Lead Implementer/Auditor) is desirable. · Demonstrable knowledge of the PDPL and its Implementing Regulations, the SDAIA DPO Rules, the NDMO Standards and any applicable sectoral requirements. · Sound knowledge of risk-management practice, including the handling of personal-data breach incidents. · Several years of experience in data protection, privacy or compliance, ideally within the Kingdom or the wider GCC. · High personal integrity, with no prior convictions involving dishonesty or breach of trust (as required by the SDAIA DPO Rules). · Professional proficiency in Arabic and English (Arabic strongly preferred for the SDAIA and data-subject interface). Skills · Independent judgement and the standing to challenge the business where required. · Clear written and verbal communication, including the ability to translate legal requirements into practical controls. · Stakeholder management across legal, IT, security, HR and the operating subsidiaries. · Discretion in handling confidential and sensitive personal data. · Strong analytical and problem-solving abilities. · Ability to work independently and manage multiple priorities. · Attention to detail and commitment to compliance.
About the company Propel Consult delivers a service in step with the needs of both our client companies and candidates. Our ability to add value to all levels of recruitment stems from our wholehearted belief in providing a professional service to both parties. We have built relationships with many leading indigenous and mulitnational organisations throughout the Middle East and internationally in countries such as UAE, Qatar, Saudi Arabia, Oman, Bahrain, Kuwait, Egypt and many more. Concentrating our resources has created 5 distinct specialist divisions: - Banking & Finance - Human Resources - Oil & Gas - Construction - Architecture & Engineering
Interested in this position? Click the button below to apply.