114 Data Protection jobs in Hong Kong
Data Protection and Privacy Legal
Posted today
Job Viewed
Job Description
【Job Description】
Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
Manage tools/systems to assist internal data protection and privacy related processes.
Develop and deliver data protection and privacy trainings to internal teams.
Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.
【Qualification】
Minimum of 3 years of experience in data protection and privacy compliance.
Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
Bachelor degree minimum, preferably with technology background.
Strong project management skills, and able to work independently with minimum supervision.
Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
Ability to act with integrity and maintain an ethical mindset.
Can use English and Chinese languages in professional settings, and any other languages would be a plus.
Can work in a fast-paced environment, and perform well under pressure and strict timeline.
Senior Data Protection and Privacy Legal
Posted today
Job Viewed
Job Description
【Job Description】
Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
Manage tools/systems to assist internal data protection and privacy related processes.
Develop and deliver data protection and privacy trainings to internal teams.
Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.
【Qualification】
8 years or above experience in data protection and privacy compliance.
Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
Bachelor degree minimum, preferably with technology background.
Strong project management skills, and able to work independently with minimum supervision.
Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
Ability to act with integrity and maintain an ethical mindset.
Can use English and Chinese languages in professional settings, and any other languages would be a plus.
Can work in a fast-paced environment, and perform well under pressure and strict timeline.
Cloud-Senior Data Protection
Posted today
Job Viewed
Job Description
Basic Infomation
Department:
AliCloud Intelligence Group
Degree:
Bachelor
Work Experience:
10 year
Job Description
- Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
- Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
- Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
- Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
- Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
- Manage tools/systems to assist internal data protection and privacy related processes.
- Develop and deliver data protection and privacy trainings to internal teams.
- Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.
Position Requirement
- Minimum of 6 years of experience in data protection and privacy compliance.
- Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
- Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
- Bachelor degree minimum, preferably with technology background.
- Strong project management skills, and able to work independently with minimum supervision.
- Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
- Ability to act with integrity and maintain an ethical mindset.
- Can use English and Chinese languages in professional settings, and any other languages would be a plus.
- Can work in a fast-paced environment, and perform well under pressure and strict timeline.
Data Protection Officer, Senior Manager
Posted today
Job Viewed
Job Description
ABOUT THE TEAM
A career at Swire Properties is more than just work, it's a calling.
We're searching for exceptional individuals who want to live and breathe "Creative Transformation" – our distinct mindset and long-term approach that inspires everything we do and how we do it. It inspires us to constantly explore new perspectives and seek out original thinking that goes beyond the conventional. Our mission, ultimately, is to constantly add value to communities and create truly amazing and sustainable places where people can thrive. Additionally, we are deeply committed to prioritising health and safety in all our operations, ensuring a healthy, safe and supporting environment for our People, partners and the communities we serve.
Join us today and work on career-defining projects that are changing the industry in Hong Kong, the Chinese Mainland, Miami and Southeast Asia.
We are seeking a Data Protection Officer, Senior Manager, who will be responsible for enhancing data privacy policies, ensuring compliance with relevant regulations, and managing incidents while fostering a culture of data protection awareness across the organization. Ideal candidates will have expertise in data protection laws, risk assessment, and program development, with a focus on both local and regional compliance.
RESPONSIBILITIES
- Data Protection Officer Duties: Act as the Data Protection Officer for Swire Properties (Hong Kong), ensuring compliance with data protection laws and regulations in Hong Kong and potentially in Southeast Asia
- Policy Enhancement and Program Development: Enhance existing data privacy policies (both internal and external), focusing on the development of a comprehensive end-to-end privacy program
- Risk Assessment and Reporting: Integrate risk assessment into the reporting mechanism, providing regular updates to senior management on compliance issues and risks
- Review data processing agreements: Draft, negotiate and review data processing agreements with partners and service providers
- Stay Informed on Regulations: Keep abreast of changes in data protection laws and regulations to ensure compliance
- Incident Management: Manage and coordinate data protection incidents and breaches, including conducting investigations and reporting to relevant authorities as required
- Training and Awareness: Develop and implement effective training and awareness programs for multiple tiers of data users and stakeholders
REQUIREMENTS
- Minimum of 10 years of experience in data protection or a related field. In-depth knowledge of data protection laws and regulations in multiple jurisdictions, including Hong Kong and Chinese mainland. Experience in data privacy governance covering Chinese Mainland and Southeast Asian countries would be an advantage
- Post-qualified experience: A solicitor qualified to practice in Hong Kong with a minimum of 8 years' post-qualification experience
- Relevant certifications (such as CIPP) would be an advantage
- Being detail-minded; strong stakeholder management, communication, and leadership skills. Able to interact with diverse groups to achieve common objectives
- Language Requirements: Demonstrated proficiency in English, Chinese, and Mandarin, both written and verbal, is required to effectively communicate with internal and external stakeholders across regions
- Experience of and ability to draft and negotiate agreements and policie
BEHAVIOURAL COMPETENCIES
- Decision Quality
- Cultivates Innovation
- Business Acumen
- Drives for Results
- Ensures Accountability
- Optimizes Work Processes
- Collaborates
- Communicates Effectively
- Situational Adaptability
WHY CHOOSE US
- Randstad Hong Kong: Awarded Most Attractive Employer in the Property and Real Estate sector for 2024 and 2025
- HRoot Awards (Chinese Mainland): Received the Best Employer Award for 2023 and 2024, along with the Best Social Enterprises Award in 2024
Don't Miss This Opportunity
As an equal opportunity employer, Swire Properties strives to foster a diverse workforce and inclusive workplace, where People can thrive.
If you require special assistance and accommodations during any part of the recruitment process, including the online application and/or the selection process, please reach out to us via email at any time.
If we haven't contacted you six weeks after your submission, then please consider your application unsuccessful this time.
All personal data collected during the application process will be kept for 12 months after its completion, and then destroyed. All information will be used for recruitment and appointment purposes only. The Company will handle all personal data confidentially in accordance with the Hong Kong Special Administrative Region's Personal Data (Privacy) Ordinance.
Assistant Technical Manager, Data Protection
Posted today
Job Viewed
Job Description
Company description:
The Hong Kong Jockey Club
Job description:
Who are we?
We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.
Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.
What do we do?
We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.
We also deliver the changes necessary to drive business growth through new products and services. And, we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.
The Department
The Cyber Security Department is essential to the Club's ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations. Through the implementation of strong risk governance frameworks and cybersecurity standards, the department protects the Club against emerging threats and ensures compliance with regulatory requirements in Hong Kong and China.
As the first line of defense, the department plays a key role in maintaining the Club's reputation and operational resilience. Its core responsibilities include identifying and addressing vulnerabilities, protecting sensitive information, ensuring rapid incident response, overseeing access management, and promoting Club-wide cybersecurity awareness.
The Job
You will:
- Participate in continuous improvement efforts by supporting automation initiatives and contributing to process enhancements
- Assist in the setup and tuning of detection rules, thresholds, and response actions within DLP platforms to reduce false positives and improve accuracy
- Operate and maintain certificate lifecycle management tools, ensuring proper integration with enterprise platforms
- Assist in securing SaaS applications through CASB solutions by managing access controls and monitoring for risky behaviours
- Enforce and monitor USB access policies to ensure controlled use of removable media and prevent unauthorised data transfers
- Contribute to data classification and labelling initiatives, helping ensure sensitive information is appropriately tagged and handled
- Support the deployment and configuration of endpoint security agents across all relevant security profiles
- Collaborate with business units and end users to troubleshoot issues related to data protection controls
- Monitor data security events and support incident response activities in coordination with incident response teams
- Perform routine system checks and updates to ensure optimal performance and compliance with data security tools
About You
You should have:
- University degree qualification with a strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking
- Strong hands-on experience with data security technologies such as encryption, tokenisation, secure data storage and access control
- Strong working knowledge of Data Loss Prevention (DLP) tools and techniques
- Operational experience with Cloud Access Security Broker (CASB) solutions
- Ability to translate business and operational requirements into actionable technical security configurations
- Communication skills, with the ability to explain technical security concepts to non-technical stakeholders and support users in resolving security-related issues
- Practical experience with certificate lifecycle management tools and processes
- Working knowledge of security features and configurations in public cloud ecosystems
- Familiarity with software and workflows used in data protection operations
Terms of Employment
The level of appointment will be commensurate with qualification and experience.
How to Apply
Please send your resume, complete with expected salary and job reference by clicking the Apply Now button or to:
Fax:
Mail: The Human Resources Department, The Hong Kong Jockey Club, 1 Sports Road, Happy Valley, Hong Kong
We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.
Consultant/ Senior Consultant/ Manager, Data Protection
Posted today
Job Viewed
Job Description
Position Overview:
Do you have a passion for data privacy and a desire to help organizations build trust and resilience in the digital age? We are seeking talented Data Protection Consultants to join our client's dynamic Cyber Risk team.
In this role, you will advise a diverse portfolio of global and local clients on their most critical data privacy challenges. You will be instrumental in transforming their data governance frameworks, ensuring compliance with evolving regulations, and implementing "Privacy by Design" principles into their technology and business processes. This is a unique opportunity to grow as a deep subject matter expert, contribute to cutting-edge thought leadership, and build a career with genuine impact.
Key Responsibilities:
- Lead Privacy Advisory Engagements:
Conduct data protection impact assessments (DPIAs), benchmark practices against global standards (e.g., GDPR, PIPL, HK PDPO), and identify risks across governance, people, process, and technology. - Design & Implement Frameworks:
Advise clients on the end-to-end design and implementation of robust data privacy and governance frameworks, including strategies, policies, procedures, and controls. - Embed Privacy by Design:
Guide clients on integrating privacy and security into their technology projects, digital transformations, and new business initiatives from the outset. - Drive Innovation:
Contribute to the development of our next-generation data privacy offerings, thought leadership, and eminence in the market.
To Excel, You Will Possess:
- Regulatory Expertise:
Strong knowledge of the Hong Kong PDPO; knowledge of China's PIPL, GDPR, or other APAC privacy regulations is a significant advantage - Practical Experience:
3+ years of experience in implementing privacy and information security programs, including: Data Discovery, Inventory, and Flow Mapping; Privacy Risk Assessments & DPIA; Developing Policies, Procedures, and Incident Response Plans; Privacy Training and Awareness - Technical Acumen:
A keen understanding of privacy technologies (e.g., data discovery tools, DLP) and how they are applied. Knowledge of system implementation, programming, or data analytics is a plus - Strategic Mindset:
The ability to move beyond compliance to provide strategic advice on building mature, sustainable data governance programs - Professional Credentials:
A university degree in a related field (Law, IS, Computer Science, Engineering, etc.). Professional qualifications such as CIPP/E, CIPT, CIPM, CISSP, or CDPSE are highly valued
Why Join Our Team?
- Purpose-Driven Work:
Make an impact that matters by helping clients navigate complex privacy challenges and build a more responsible digital future. - Become an Expert:
We are committed to nurturing deep subject matter experts. You will have access to unparalleled training, resources, and mentorship from industry leaders. - Work on the Frontline:
Engage with the latest regulations, technologies, and emerging trends, contributing to our firm's thought leadership and next-gen initiatives. - Competitive Rewards:
Enjoy a comprehensive compensation and benefits package tailored to recognize your expertise and contribution. - Flexible Work Model:
Benefit from a hybrid work environment designed to support your productivity and well-being.
Cloud Intelligence-Data Protection and Privacy Legal-Hong Kong SAR
Posted today
Job Viewed
Job Description
Basic Infomation
Department:
AliCloud Intelligence Group
Degree:
Bachelor
Work Experience:
3 year
Job Description
- Responsible for the data subject rights request fulfilment, data breach incident handling and reporting, third party vendor assessment and review of contract terms on data and privacy.
- Maintain data protection and privacy related policies, guidelines, standards; lead the privacy risk assessments; and drive data protection initiatives to mitigate privacy risks.
- Act as a subject matter expert, provide advice to all related internal stakeholders on data protection and privacy, help them understand the risks associated and solve their problems.
- Lead the privacy related audit or certificate programmes, including DPTM, CBPR, EU COC, etc.
- Build and maintain strong relationships with internal and external stakeholders, in particular with business teams, to work on projects related to compliance with data protection and privacy laws.
- Manage tools/systems to assist internal data protection and privacy related processes.
- Develop and deliver data protection and privacy trainings to internal teams.
- Keep abreast of new laws and regulations, as well as technology trends, assess impacts and risks and report to management and leadership.
Position Requirement
- Minimum of 3 years of experience in data protection and privacy compliance.
- Expert knowledge and experience of Data Protection and Privacy Laws in APAC, Middle East, US and the EU/UK.
- Relevant privacy qualification (e.g. CIPP/A, CIPP/E, etc.) is a plus.
- Bachelor degree minimum, preferably with technology background.
- Strong project management skills, and able to work independently with minimum supervision.
- Proven and strong capability to communicate privacy and risk-related concepts effectively to the business at all levels, and able to make judgement calls independently.
- Ability to act with integrity and maintain an ethical mindset.
- Can use English and Chinese languages in professional settings, and any other languages would be a plus.
- Can work in a fast-paced environment, and perform well under pressure and strict timeline.
Be The First To Know
About the latest Data protection Jobs in Hong Kong !
Manager/Associate Director, Data Privacy and Protection, Technology Consulting
Posted 22 days ago
Job Viewed
Job Description
Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China
Manager/Associate Director, Data Privacy and Protection, Technology Consulting1 year ago Be among the first 25 applicants
Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China
KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
We are now seeking Manager and Associate Director candidates for Data Privacy and Protection Team.
Key Responsibilities
- Lead the team to assess risks, identify gaps and provide advice on data protection and privacy for our client
- Evaluate data privacy and data protection practices of our clients
- Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
- Conduct Privacy Impact Assessments
- Deploy processes to manage privacy matters and stay compliant with relevant regulations
- Collaborate data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
- Identify and communicate engagement findings to management and client personnel
- Simultaneously work on multiple client engagements of varying size, scope and complexity
- Collaborate in advising the team to conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
- Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
- Lead a team to work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
- Drive preparation of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
- Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
- Technology related qualification holder on Privacy and data protection certifications will be preferrable (e.g. CIPP, CIPM, CIPT, CDPSE)
- Minimum of 5 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
- Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
- Understanding of data privacy, confidentiality and data protection from a process and risk perspective
- Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
- Experience with usage or implementation of privacy tools preferred
- Appetite to develop your privacy skills further
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
- Strong client services orientation and accustomed to taking an active role in executing client engagements
- Candidate with less experience will be considered as Manager
At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. It is important for us to create an inclusive, diverse and agile workplace for our people to develop and thrive at both a personal and professional level.
We strive to make ESG (environmental, social and governance) a watermark running through our organisation; from empowering our people to become agents of positive change, to providing better solutions and services to our clients to help them achieve their ESG goals. View Our Impact Plan to learn more about our ESG commitments and progress across four key pillars - Governance, People, Planet and Prosperity – and how we make a positive impact on our people, environment and society.
We encourage you to come as you are, and we welcome all qualified candidates to apply, and hope you unlock opportunities with us. Visit KPMG China website for more company information.
You acknowledge and agree that all personal information hereby provided regarding yourself will be used by KPMG China for its candidate selection purposed only. KPMG China collects, uses, processes, and retains your personal information in accordance with KPMG China’s Online Privacy Statement and/or KPMG China Privacy Statement (collectively "Privacy Statement "). During the recruitment process, KPMG China may need to store personal information of candidates in a designated third-party application tracking platform.
If you have any questions regarding the information you provided in the form or your job application in general, please contact KPMG China’s HR personnel in the location where your application is submitted (see here). Seniority level
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Information Technology
- Industries Professional Services
Referrals increase your chances of interviewing at KPMG China by 2x
Sign in to set job alerts for “Data Manager” roles. Data Management Analyst, Chief Data Office Data Analyst / IT Business Analyst (Python Skills Required) Data Manager (Bank, Data Governance/ Up to 52K + bonus) Senior Data & AI Program Manager - Data Science & Governance Data Engineering Manager (Hands-on leadership role)Wan Chai District, Hong Kong SAR 1 month ago
Regional Assistant Infrastructure Manager, APAC (Assistant) Manager, Data Analytics, HK Retirement Lead Data Analyst - Global Asset Management Firm - Hong Kong Business Data Analyst (US Buying Office) Associate Manager, Workforce Data & ApplicationsIslands District, Hong Kong SAR 2 months ago
Assistant Manager, Data Management And Governance Finance Manager, Data & Process Automation Technology Consulting - AI & Data - Data Governance - Manager - Hong Kong Deputy Executive Manager, Data Analytics ArchitectureSha Tin District, Hong Kong SAR 2 days ago
Assistant Treasury Manager, Data & AutomationWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrManager/Associate Director, Data Privacy and Protection, Technology Consulting
Posted 3 days ago
Job Viewed
Job Description
Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China
Manager/Associate Director, Data Privacy and Protection, Technology Consulting1 year ago Be among the first 25 applicants
Join to apply for the Manager/Associate Director, Data Privacy and Protection, Technology Consulting role at KPMG China
KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you’ll translate insights into action and reveal opportunities for all—our teams, our clients and our world.
Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
We are now seeking Manager and Associate Director candidates for Data Privacy and Protection Team.
Key Responsibilities
- Lead the team to assess risks, identify gaps and provide advice on data protection and privacy for our client
- Evaluate data privacy and data protection practices of our clients
- Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
- Conduct Privacy Impact Assessments
- Deploy processes to manage privacy matters and stay compliant with relevant regulations
- Collaborate data governance engagements across the full set of capabilities at KPMG, including data strategy, data privacy governance and policy, privacy by design, personal data protection, personal data lifecycle management, third party management, compliance and risk management
- Identify and communicate engagement findings to management and client personnel
- Simultaneously work on multiple client engagements of varying size, scope and complexity
- Collaborate in advising the team to conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase data protection
- Communicate best practices by giving presentations, working with project teams, and authoring content aimed at educating others about standards, strategies, and otherwise defined best practices
- Lead a team to work individually and collaboratively with team members to ensure breadth and granularity of strategies, standards and reference architectures for consistency and integration
- Drive preparation of proposals and put together solutions, supporting literature, diagrams, write-up, responses, etc
- Bachelor/Master degree from an accredited college / university in Computer Science, Law & compliance or other related field
- Technology related qualification holder on Privacy and data protection certifications will be preferrable (e.g. CIPP, CIPM, CIPT, CDPSE)
- Minimum of 5 years’ experience in data privacy and data protection, ideally within a professional services environment or internal consultancy function delivering privacy related services
- Profound knowledge of data protection regulations, especially Hong Kong’s PDPO, European’s GDPR and China’s Personal Data Protection Law
- Understanding of data privacy, confidentiality and data protection from a process and risk perspective
- Experience and knowledge in performing privacy impact assessments, privacy compliance assessments, design of data privacy policies and guidelines, personal data flow mapping and analysis, implementation of privacy training and awareness programs and advising on privacy by design
- Experience with usage or implementation of privacy tools preferred
- Appetite to develop your privacy skills further
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
- Strong client services orientation and accustomed to taking an active role in executing client engagements
- Candidate with less experience will be considered as Manager
At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. It is important for us to create an inclusive, diverse and agile workplace for our people to develop and thrive at both a personal and professional level.
We strive to make ESG (environmental, social and governance) a watermark running through our organisation; from empowering our people to become agents of positive change, to providing better solutions and services to our clients to help them achieve their ESG goals. View Our Impact Plan to learn more about our ESG commitments and progress across four key pillars - Governance, People, Planet and Prosperity – and how we make a positive impact on our people, environment and society.
We encourage you to come as you are, and we welcome all qualified candidates to apply, and hope you unlock opportunities with us. Visit KPMG China website for more company information.
You acknowledge and agree that all personal information hereby provided regarding yourself will be used by KPMG China for its candidate selection purposed only. KPMG China collects, uses, processes, and retains your personal information in accordance with KPMG China’s Online Privacy Statement and/or KPMG China Privacy Statement (collectively "Privacy Statement "). During the recruitment process, KPMG China may need to store personal information of candidates in a designated third-party application tracking platform.
If you have any questions regarding the information you provided in the form or your job application in general, please contact KPMG China’s HR personnel in the location where your application is submitted (see here). Seniority level
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Information Technology
- Industries Professional Services
Referrals increase your chances of interviewing at KPMG China by 2x
Sign in to set job alerts for “Data Manager” roles. Data Management Analyst, Chief Data Office Data Analyst / IT Business Analyst (Python Skills Required) Data Manager (Bank, Data Governance/ Up to 52K + bonus) Senior Data & AI Program Manager - Data Science & Governance Data Engineering Manager (Hands-on leadership role)Wan Chai District, Hong Kong SAR 1 month ago
Regional Assistant Infrastructure Manager, APAC (Assistant) Manager, Data Analytics, HK Retirement Lead Data Analyst - Global Asset Management Firm - Hong Kong Business Data Analyst (US Buying Office) Associate Manager, Workforce Data & ApplicationsIslands District, Hong Kong SAR 2 months ago
Assistant Manager, Data Management And Governance Finance Manager, Data & Process Automation Technology Consulting - AI & Data - Data Governance - Manager - Hong Kong Deputy Executive Manager, Data Analytics ArchitectureSha Tin District, Hong Kong SAR 2 days ago
Assistant Treasury Manager, Data & AutomationWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrData Privacy Manager
Posted 7 days ago
Job Viewed
Job Description
1 day ago Be among the first 25 applicants
OverviewAbout Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Application Deadline: 27 October 2025
Department: Technology-CDSIO
Location: Hong Kong (SAR)
DescriptionAbout Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?
- Develop and Implement Privacy Program: Design, develop, and implement a comprehensive privacy program that aligns with Mox’s risk management framework and complies with relevant data protection regulations, such as PDPO, PIPL, GDPR
- Conduct Privacy Impact Assessments (PIAs): Conduct PIAs to identify and mitigate potential privacy risks associated with new and existing products, services, and processes.
- Data Inventory: Maintain an up-to-date inventory of personal data
- Privacy Policies and Procedures: Develop, review, and update privacy policies and procedures to ensure they are current, effective, and compliant with regulatory requirements and accommodate business needs.
- Data Subject requests: provide response to the data access and correction request
- Training and Awareness: Provide training and awareness programs for employees on privacy best practices, data protection regulations, and the organization’s privacy policies and procedures.
- Incident Management: Develop and implement procedures for responding to data breaches and other privacy incidents, including notification to relevant authorities and affected individuals.
- Vendor management: Assist third-party vendor risk management program to ensure compliance with data protection regulations and organizational privacy policies, through vendor risk assessments, due diligence, contract review, and ongoing monitoring.
- Regulatory Compliance: Monitor and ensure compliance with relevant data protection regulations, including responding to regulatory inquiries and audits.
- Stakeholder Collaboration: Collaborate with various stakeholders, including IT, Risk, Compliance, Legal and Business teams to ensure privacy is integrated into business processes and operations.
- Continuous Monitoring and Improvement: Continuously monitor the privacy program’s effectiveness and identify areas for improvement, implementing changes as necessary.
- 5+ years of experience in a privacy or data protection role, preferably in a fintech or banking environment.
- Strong knowledge of data protection regulations, such as PDPO, GDPR, PIPL.
- Experience in developing and drafting privacy & data related governance documents
- Experience in developing and implementing a privacy program, conducting PIA, handling data incident, managing data subject access and correction request.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work collaboratively with various stakeholders across the organization
- Provide advisory and consultation to assist stakeholders to navigate the regulatory compliance during daily operation, product design, third party vendor onboarding, customer enquiries, etc.
- Act as Subject Matter Expert for the first line of defense
- Strong attention to detail and organizational skills.
- Professional education & certification in data protection or privacy, such as law, CISA, CISSP, CIPP, CIPM, CIPT.
- Experience with data inventory.
- Experience & knowledge on fintech and banking operations.
All personal data provided by applicants will be used for recruitment and other employment-related purposes only. Personal data of unsuccessful applicants will be erased within 24 months of rejection of the applicant’s application.
#J-18808-Ljbffr