- Lead the Privacy Program of Dialog
- Develop and seek necessary approval for Privacy policies, standards, guidelines procedures in line with Dialog and Axiata Group requirement.
- Identify Privacy threats, and associated risk impacting organization.
- Assess the associate business impact and advice management on appropriate controls for risk response.
- Prepare periodic updates to Board of Directors, Board Risk and Compliance Committee and Management on risk status and actions in place in accordance to risk response plan.
- Perform audits to ensure that closure of gaps and in line with privacy compliance expectations.
- Engage with Group, external accessors, and internal stakeholders to conduct the privacy compliance review and obtain certification/audit clearance.
- Manage and track privacy compliance exceptions, assess its risk and update risk register where required.
- Assist business, technology teams to understand Privacy threats that can impact solution deployment.
- Propose test required to be performed prior to system go-live (Privacy by Design Principles, DAST, pen-test, VA scans, Encryption techniques used, etc.)
- Advice team on go and no-go criteria from a Privacy risk perspective.
- Prepare periodic updates to management on Privacy issues impacting launch and actions in place in address issues.
- Advice incident manager and management on business impact of privacy incident
- Engage with legal and regulatory teams to ensure legal liabilities of the organization are managed and corporate communication to send out timely updates to external parties on incident details and response plan.
- Monitor and track the implementation of improvement plans post incident and prepare periodic updates to management on the same.
- Develop annual training and awareness calendar, awareness content addressing risk, targeted training content for high-risk users.
- B.Sc Engineering in Computer Science, Electrical, Electronic Engineering or similar
- Certified Information Privacy Technologist (CIPT) or Certified Privacy Solutions Engineer (CDPSE) by ISACA or Cisco Certified Network Professional
- Strong Privacy technical knowledge
- Possess strong business acumen ability to articulate complex Privacy issues and scenarios to business in simple understandable terms and vice versa.
- 3-5+ years IT/Telco/Privacy experience.