Lead, Group Privacy, Portfolio at Standard Bank Group

Job Description

To lead the implementation of the Standard Bank Group Information Risk Management (including Data Privacy Risk) Framework, as it relates to the holistic approach to Information Risk Management. To ensure Group compliance with applicable Information and Privacy laws, regulations and industry standards. To lead the oversight implementation of the Data Privacy Compliance Framework across all countries & jurisdictions.

• Drive and participate in oversight committees and forums relevant to specialised area of expertise, in order to monitor the implementation of the Information Risk Management Framework, which includes Data Privacy Risk.
• Keep abreast of and analyse relevant legislative and regulatory developments in collaboration with key stakeholders such as Non-Financial Risk, Compliance, Group Legal, Group Data Privacy Office and Local Data Privacy Officers, in order to ensure a fit for purpose framework, to understand the implications for the organisation and to deliver expert advice.
• Lead and drive the digitisation, culture, data driven approach, monitoring and assurance activities and toolbox enablers to ensure the implementation and embeddedness of Information Risk (including Data Privacy Risk) across the Group.

Qualifications

Minimum Qualifications

• First Degree in either Information Technology or Legal
• A post graduate degree in Legal, Risk Management or Information Technology would be beneficial. An International Certificate in Compliance / Privacy Information would be preferred.
• Industry certifications such as CISSP, CISM, CRISC, CDPSE.

Experience Required

• 5 – 7 years banking experience with a deep level of understanding of Financial Services and the importance of Data Privacy.
• 10 – 15 years risk management experience especially as it relates to Information Risk, Data Privacy Risk and Cyber Risk.
• 8 – 10 years’ experience as a seasoned leader and expert in Legal and Risk Management with profound knowledge of the full dimensions of the field, but deep expertise in the relevant area of specialisation, namely Data Privacy Risk. Regulatory environment savvy, a proven track record in influencing seasoned leaders and employees across multiple countries, Client Segments and Client Solutions to effectively implement Data Privacy Compliance Frameworks. Be able to quote the acts applicable to Data Privacy.