As a Data Protection & Privacy Specialist, you will support the organization's data privacy and protection initiatives by assisting in compliance activities, privacy risk assessments, Data Protection Impact Assessments (DPIAs), policy development, and awareness programs. You will collaborate with internal stakeholders to ensure personal data is processed securely and in accordance with applicable regulations.
Key Responsibilities
- Support compliance with applicable data protection and privacy regulations, including the Saudi Personal Data Protection Law (PDPL) and NCA Data Cybersecurity Controls (DCC).
- Assist in identifying and assessing privacy risks associated with business processes and data processing activities.
- Support the development, review, and maintenance of privacy policies, procedures, and standards.
- Contribute to the implementation and continuous improvement of the organization's Data Protection & Privacy Program.
- Assist in investigating privacy incidents and documenting findings and corrective actions.
- Support the execution of Data Protection Impact Assessments (DPIAs).
- Participate in privacy awareness campaigns and employee training programs.
- Coordinate with business units, Legal, IT, and external stakeholders to support compliance initiatives.
- Assist in data classification and governance activities.
- Monitor changes in privacy regulations and recommend improvements where appropriate.
- Prepare reports and documentation related to privacy compliance and governance activities.
- Bachelor's degree in Cybersecurity, Information Security, Computer Engineering, Systems Engineering, Telecommunications Engineering, Information Technology, or a related field.
- Minimum one year of experience in Cybersecurity, Data Protection, Privacy Compliance, Information Security, or completion of a Tamheer program in Data Protection & Privacy.
- Understanding of Saudi Personal Data Protection Law (PDPL).
- Familiarity with NCA Data Cybersecurity Controls (DCC).
- Knowledge of privacy principles, data classification, and information governance.
- Understanding of Data Protection Impact Assessments (DPIAs) is preferred.
- Professional certifications in cybersecurity or data privacy (e.g., CDPSE, CIPM, CIPT, CIPP/E, ISO 27701, Security+) are an advantage.
What We're Looking For
- Strong analytical and critical thinking skills.
- Excellent attention to detail.
- Effective communication and stakeholder engagement.
- Strong organizational and documentation skills.
- Ability to work collaboratively across departments.
- Passion for privacy, compliance, and continuous learning.