- Expérience
- 5 yrs
- Salaire
- —
- Ouvertures
- 1
- Publié
- il y a 1 semaine
- Work mode
- Au bureau
- Éducation
- Bachelor’s degree
- Eligibility
- Professionals with a bachelor’s degree and around 5 years of relevant experience in privacy, compliance, risk, or information security may apply. Candidates should be comfortable working in English and familiar with Saudi privacy regulations.
- Resume
- Required to apply
Description de l'emploi
Role overview
The Personal Data Protection Officer will help ASMO maintain compliance with the Saudi Personal Data Protection Law (PDPL), SDAIA guidance, and relevant international privacy standards. This position is focused on practical privacy operations, including assessments, request handling, monitoring, and documentation across the business.
Core responsibilities
- Carry out Data Protection Impact Assessments (DPIAs) for initiatives, systems, and workflows that process personal information.
- Assess privacy-related risks and define measures to reduce or control them.
- Handle Data Subject Requests (DSRs) such as access, correction, deletion, and consent withdrawal within the required time limits.
- Track and record consents so that personal and sensitive data is processed lawfully.
- Keep Records of Processing Activities (RoPA) current across all departments.
- Support privacy reviews of vendors and third parties, including checks tied to Data Processing Agreements (DPAs).
- Assist with incident and breach investigations, including written records, impact analysis, and regulatory notifications when needed.
- Perform compliance reviews and audits of personal data handling practices.
- Work with IT, Legal, and business stakeholders to build privacy requirements into systems and operational processes.
- Prepare compliance dashboards and reports for management and regulators such as SDAIA.
Experience and qualifications
A bachelor’s degree in Information Security, Law, Compliance, IT, or a related discipline is required. The ideal candidate should have around 5 years of experience in data privacy, compliance, risk management, or information security. Strong spoken and written English is essential. Knowledge of the Saudi PDPL and SDAIA regulations is important, while familiarity with GDPR or similar international privacy frameworks is an added advantage. Certification as a Certified Data Privacy Solutions Engineer (CDPSE) is preferred.
Additional requirements
The role calls for strong capability in risk assessment, documentation, and incident management, along with a high level of integrity, confidentiality, and attention to detail.