114 Data Protection jobs in Hong Kong

【Job Description】

1. Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.

2. Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.

3. Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.

4. Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.

5. Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.

6. Manage tools/systems to assist internal data protection and privacy related processes.

7. Develop and deliver data protection and privacy trainings to internal teams.

8. Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.

【Qualification】

1. 8 years or above experience in data protection and privacy compliance.

2. Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.

3. Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.

4. Bachelor degree minimum, preferably with technology background.

5. Strong project management skills, and able to work independently with minimum supervision.

6. Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.

7. Ability to act with integrity and maintain an ethical mindset.

8. Can use English and Chinese languages in professional settings, and any other languages would be a plus.

9. Can work in a fast-paced environment, and perform well under pressure and strict timeline.

Basic Infomation

Department:

AliCloud Intelligence Group

Degree:

Bachelor

Work Experience:

10 year

Job Description

1. Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
2. Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
3. Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
4. Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
5. Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
6. Manage tools/systems to assist internal data protection and privacy related processes.
7. Develop and deliver data protection and privacy trainings to internal teams.
8. Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.

Position Requirement

1. Minimum of 6 years of experience in data protection and privacy compliance.
2. Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
3. Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
4. Bachelor degree minimum, preferably with technology background.
5. Strong project management skills, and able to work independently with minimum supervision.
6. Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
7. Ability to act with integrity and maintain an ethical mindset.
8. Can use English and Chinese languages in professional settings, and any other languages would be a plus.
9. Can work in a fast-paced environment, and perform well under pressure and strict timeline.

ABOUT THE TEAM

A career at Swire Properties is more than just work, it's a calling.

We're searching for exceptional individuals who want to live and breathe "Creative Transformation" – our distinct mindset and long-term approach that inspires everything we do and how we do it. It inspires us to constantly explore new perspectives and seek out original thinking that goes beyond the conventional. Our mission, ultimately, is to constantly add value to communities and create truly amazing and sustainable places where people can thrive. Additionally, we are deeply committed to prioritising health and safety in all our operations, ensuring a healthy, safe and supporting environment for our People, partners and the communities we serve.

Join us today and work on career-defining projects that are changing the industry in Hong Kong, the Chinese Mainland, Miami and Southeast Asia.

We are seeking a Data Protection Officer, Senior Manager, who will be responsible for enhancing data privacy policies, ensuring compliance with relevant regulations, and managing incidents while fostering a culture of data protection awareness across the organization. Ideal candidates will have expertise in data protection laws, risk assessment, and program development, with a focus on both local and regional compliance.

RESPONSIBILITIES

• Data Protection Officer Duties: Act as the Data Protection Officer for Swire Properties (Hong Kong), ensuring compliance with data protection laws and regulations in Hong Kong and potentially in Southeast Asia
• Policy Enhancement and Program Development: Enhance existing data privacy policies (both internal and external), focusing on the development of a comprehensive end-to-end privacy program
• Risk Assessment and Reporting: Integrate risk assessment into the reporting mechanism, providing regular updates to senior management on compliance issues and risks
• Review data processing agreements: Draft, negotiate and review data processing agreements with partners and service providers
• Stay Informed on Regulations: Keep abreast of changes in data protection laws and regulations to ensure compliance
• Incident Management: Manage and coordinate data protection incidents and breaches, including conducting investigations and reporting to relevant authorities as required
• Training and Awareness: Develop and implement effective training and awareness programs for multiple tiers of data users and stakeholders

REQUIREMENTS

• Minimum of 10 years of experience in data protection or a related field. In-depth knowledge of data protection laws and regulations in multiple jurisdictions, including Hong Kong and Chinese mainland. Experience in data privacy governance covering Chinese Mainland and Southeast Asian countries would be an advantage
• Post-qualified experience: A solicitor qualified to practice in Hong Kong with a minimum of 8 years' post-qualification experience
• Relevant certifications (such as CIPP) would be an advantage
• Being detail-minded; strong stakeholder management, communication, and leadership skills. Able to interact with diverse groups to achieve common objectives
• Language Requirements: Demonstrated proficiency in English, Chinese, and Mandarin, both written and verbal, is required to effectively communicate with internal and external stakeholders across regions
• Experience of and ability to draft and negotiate agreements and policie

BEHAVIOURAL COMPETENCIES

• Decision Quality
• Cultivates Innovation
• Business Acumen
• Drives for Results
• Ensures Accountability
• Optimizes Work Processes
• Collaborates
• Communicates Effectively
• Situational Adaptability

WHY CHOOSE US

• Randstad Hong Kong: Awarded Most Attractive Employer in the Property and Real Estate sector for 2024 and 2025
• HRoot Awards (Chinese Mainland): Received the Best Employer Award for 2023 and 2024, along with the Best Social Enterprises Award in 2024

Don't Miss This Opportunity

As an equal opportunity employer, Swire Properties strives to foster a diverse workforce and inclusive workplace, where People can thrive.

If you require special assistance and accommodations during any part of the recruitment process, including the online application and/or the selection process, please reach out to us via email at any time.

If we haven't contacted you six weeks after your submission, then please consider your application unsuccessful this time.

All personal data collected during the application process will be kept for 12 months after its completion, and then destroyed. All information will be used for recruitment and appointment purposes only. The Company will handle all personal data confidentially in accordance with the Hong Kong Special Administrative Region's Personal Data (Privacy) Ordinance.

Company description:

The Hong Kong Jockey Club

Job description:

Who are we?

We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.

Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.

What do we do?

We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.

We also deliver the changes necessary to drive business growth through new products and services. And, we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.

The Department

The Cyber Security Department is essential to the Club's ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations. Through the implementation of strong risk governance frameworks and cybersecurity standards, the department protects the Club against emerging threats and ensures compliance with regulatory requirements in Hong Kong and China.

As the first line of defense, the department plays a key role in maintaining the Club's reputation and operational resilience. Its core responsibilities include identifying and addressing vulnerabilities, protecting sensitive information, ensuring rapid incident response, overseeing access management, and promoting Club-wide cybersecurity awareness.

The Job

You will:

• Participate in continuous improvement efforts by supporting automation initiatives and contributing to process enhancements
• Assist in the setup and tuning of detection rules, thresholds, and response actions within DLP platforms to reduce false positives and improve accuracy
• Operate and maintain certificate lifecycle management tools, ensuring proper integration with enterprise platforms
• Assist in securing SaaS applications through CASB solutions by managing access controls and monitoring for risky behaviours
• Enforce and monitor USB access policies to ensure controlled use of removable media and prevent unauthorised data transfers
• Contribute to data classification and labelling initiatives, helping ensure sensitive information is appropriately tagged and handled
• Support the deployment and configuration of endpoint security agents across all relevant security profiles
• Collaborate with business units and end users to troubleshoot issues related to data protection controls
• Monitor data security events and support incident response activities in coordination with incident response teams
• Perform routine system checks and updates to ensure optimal performance and compliance with data security tools

About You

You should have:

• University degree qualification with a strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking
• Strong hands-on experience with data security technologies such as encryption, tokenisation, secure data storage and access control
• Strong working knowledge of Data Loss Prevention (DLP) tools and techniques
• Operational experience with Cloud Access Security Broker (CASB) solutions
• Ability to translate business and operational requirements into actionable technical security configurations
• Communication skills, with the ability to explain technical security concepts to non-technical stakeholders and support users in resolving security-related issues
• Practical experience with certificate lifecycle management tools and processes
• Working knowledge of security features and configurations in public cloud ecosystems
• Familiarity with software and workflows used in data protection operations

Terms of Employment

The level of appointment will be commensurate with qualification and experience.

How to Apply

Please send your resume, complete with expected salary and job reference by clicking the Apply Now button or to:

Fax:

Mail: The Human Resources Department, The Hong Kong Jockey Club, 1 Sports Road, Happy Valley, Hong Kong

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.

Position Overview:

Do you have a passion for data privacy and a desire to help organizations build trust and resilience in the digital age? We are seeking talented Data Protection Consultants to join our client's dynamic Cyber Risk team.

In this role, you will advise a diverse portfolio of global and local clients on their most critical data privacy challenges. You will be instrumental in transforming their data governance frameworks, ensuring compliance with evolving regulations, and implementing "Privacy by Design" principles into their technology and business processes. This is a unique opportunity to grow as a deep subject matter expert, contribute to cutting-edge thought leadership, and build a career with genuine impact.

Key Responsibilities:

• Lead Privacy Advisory Engagements:
  Conduct data protection impact assessments (DPIAs), benchmark practices against global standards (e.g., GDPR, PIPL, HK PDPO), and identify risks across governance, people, process, and technology.
• Design & Implement Frameworks:
  Advise clients on the end-to-end design and implementation of robust data privacy and governance frameworks, including strategies, policies, procedures, and controls.
• Embed Privacy by Design:
  Guide clients on integrating privacy and security into their technology projects, digital transformations, and new business initiatives from the outset.
• Drive Innovation:
  Contribute to the development of our next-generation data privacy offerings, thought leadership, and eminence in the market.

To Excel, You Will Possess:

• Regulatory Expertise:
  Strong knowledge of the Hong Kong PDPO; knowledge of China's PIPL, GDPR, or other APAC privacy regulations is a significant advantage
• Practical Experience:
  3+ years of experience in implementing privacy and information security programs, including: Data Discovery, Inventory, and Flow Mapping; Privacy Risk Assessments & DPIA; Developing Policies, Procedures, and Incident Response Plans; Privacy Training and Awareness
• Technical Acumen:
  A keen understanding of privacy technologies (e.g., data discovery tools, DLP) and how they are applied. Knowledge of system implementation, programming, or data analytics is a plus
• Strategic Mindset:
  The ability to move beyond compliance to provide strategic advice on building mature, sustainable data governance programs
• Professional Credentials:
  A university degree in a related field (Law, IS, Computer Science, Engineering, etc.). Professional qualifications such as CIPP/E, CIPT, CIPM, CISSP, or CDPSE are highly valued

Why Join Our Team?

• Purpose-Driven Work:
  Make an impact that matters by helping clients navigate complex privacy challenges and build a more responsible digital future.
• Become an Expert:
  We are committed to nurturing deep subject matter experts. You will have access to unparalleled training, resources, and mentorship from industry leaders.
• Work on the Frontline:
  Engage with the latest regulations, technologies, and emerging trends, contributing to our firm's thought leadership and next-gen initiatives.
• Competitive Rewards:
  Enjoy a comprehensive compensation and benefits package tailored to recognize your expertise and contribution.
• Flexible Work Model:
  Benefit from a hybrid work environment designed to support your productivity and well-being.

Basic Infomation

Department:

AliCloud Intelligence Group

Degree:

Bachelor

Work Experience:

3 year

Job Description

1. Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
2. Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
3. Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
4. Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
5. Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
6. Manage tools/systems to assist internal data protection and privacy related processes.
7. Develop and deliver data protection and privacy trainings to internal teams.
8. Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.

Position Requirement

1. Minimum of 3 years of experience in data protection and privacy compliance.
2. Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
3. Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
4. Bachelor degree minimum, preferably with technology background.
5. Strong project management skills, and able to work independently with minimum supervision.
6. Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
7. Ability to act with integrity and maintain an ethical mindset.
8. Can use English and Chinese languages in professional settings, and any other languages would be a plus.
9. Can work in a fast-paced environment, and perform well under pressure and strict timeline.

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

1 year ago Be among the first 25 applicants

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.

Service Line Overview

At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.

KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.

We are now seeking Manager and Associate Director candidates for Data Privacy and Protection Team.

Key Responsibilities

• Lead the team to assess risks, identify gaps and provide advice on data protection and privacy for our client
• Evaluate data privacy and data protection practices of our clients
• Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
• Conduct Privacy Impact Assessments
• Deploy processes to manage privacy matters and stay compliant with relevant regulations
• Collaborate data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
• Identify and communicate engagement findings to management and client personnel
• Simultaneously work on multiple client engagements of varying size, scope and complexity
• Collaborate in advising the team to conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
• Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
• Lead a team to work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
• Drive preparation of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
  
  
  

• Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
• Technology related qualification holder on Privacy and data protection certifications will be preferrable (e.g. CIPP, CIPM, CIPT, CDPSE)
• Minimum of 5 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
• Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
• Understanding of data privacy, confidentiality and data protection from a process and risk perspective
• Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
• Experience with usage or implementation of privacy tools preferred
• Appetite to develop your privacy skills further
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
• Strong client services orientation and accustomed to taking an active role in executing client engagements
• Candidate with less experience will be considered as Manager
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

Wan Chai District, Hong Kong SAR 1 month ago

Islands District, Hong Kong SAR 2 months ago

Sha Tin District, Hong Kong SAR 2 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

1 year ago Be among the first 25 applicants

Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
We are now seeking Manager and Associate Director candidates for Data Privacy and Protection Team.
Key Responsibilities

• Lead the team to assess risks, identify gaps and provide advice on data protection and privacy for our client
• Evaluate data privacy and data protection practices of our clients
• Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
• Conduct Privacy Impact Assessments
• Deploy processes to manage privacy matters and stay compliant with relevant regulations
• Collaborate data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
• Identify and communicate engagement findings to management and client personnel
• Simultaneously work on multiple client engagements of varying size, scope and complexity
• Collaborate in advising the team to conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
• Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
• Lead a team to work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
• Drive preparation of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
  

• Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
• Technology related qualification holder on Privacy and data protection certifications will be preferrable (e.g. CIPP, CIPM, CIPT, CDPSE)
• Minimum of 5 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
• Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
• Understanding of data privacy, confidentiality and data protection from a process and risk perspective
• Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
• Experience with usage or implementation of privacy tools preferred
• Appetite to develop your privacy skills further
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
• Strong client services orientation and accustomed to taking an active role in executing client engagements
• Candidate with less experience will be considered as Manager
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Professional Services

Referrals increase your chances of interviewing at KPMG China by 2x

Wan Chai District, Hong Kong SAR 1 month ago

Islands District, Hong Kong SAR 2 months ago

Sha Tin District, Hong Kong SAR 2 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

1 day ago Be among the first 25 applicants

About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Application Deadline: 27 October 2025

Department: Technology-CDSIO

Location: Hong Kong (SAR)

About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Why Mox
Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?

• Develop and Implement Privacy Program: Design, develop, and implement a comprehensive privacy program that aligns with Mox’s risk management framework and complies with relevant data protection regulations, such as PDPO, PIPL, GDPR
• Conduct Privacy Impact Assessments (PIAs): Conduct PIAs to identify and mitigate potential privacy risks associated with new and existing products, services, and processes.
• Data Inventory: Maintain an up-to-date inventory of personal data
• Privacy Policies and Procedures: Develop, review, and update privacy policies and procedures to ensure they are current, effective, and compliant with regulatory requirements and accommodate business needs.
• Data Subject requests: provide response to the data access and correction request
• Training and Awareness: Provide training and awareness programs for employees on privacy best practices, data protection regulations, and the organization’s privacy policies and procedures.
• Incident Management: Develop and implement procedures for responding to data breaches and other privacy incidents, including notification to relevant authorities and affected individuals.
• Vendor management: Assist third-party vendor risk management program to ensure compliance with data protection regulations and organizational privacy policies, through vendor risk assessments, due diligence, contract review, and ongoing monitoring.
• Regulatory Compliance: Monitor and ensure compliance with relevant data protection regulations, including responding to regulatory inquiries and audits.
• Stakeholder Collaboration: Collaborate with various stakeholders, including IT, Risk, Compliance, Legal and Business teams to ensure privacy is integrated into business processes and operations.
• Continuous Monitoring and Improvement: Continuously monitor the privacy program’s effectiveness and identify areas for improvement, implementing changes as necessary.

• 5+ years of experience in a privacy or data protection role, preferably in a fintech or banking environment.
• Strong knowledge of data protection regulations, such as PDPO, GDPR, PIPL.
• Experience in developing and drafting privacy & data related governance documents
• Experience in developing and implementing a privacy program, conducting PIA, handling data incident, managing data subject access and correction request.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work collaboratively with various stakeholders across the organization
• Provide advisory and consultation to assist stakeholders to navigate the regulatory compliance during daily operation, product design, third party vendor onboarding, customer enquiries, etc.
• Act as Subject Matter Expert for the first line of defense
• Strong attention to detail and organizational skills.
• Professional education & certification in data protection or privacy, such as law, CISA, CISSP, CIPP, CIPM, CIPT.
• Experience with data inventory.
• Experience & knowledge on fintech and banking operations.

All personal data provided by applicants will be used for recruitment and other employment-related purposes only. Personal data of unsuccessful applicants will be erased within 24 months of rejection of the applicant’s application.