Broxer
Join
ASMO

Personal Data Protection Officer

ASMO

Saudi Arabia · Full Time

Be the first to apply

⚠️
This job is no longer accepting applications. The application deadline has passed. Browse open jobs →
Experience
5 yrs
Salary
Openings
1
Posted
1 week ago
Work mode
In office
Education
Bachelor’s degree
Eligibility
Professionals with a bachelor’s degree and around 5 years of relevant experience in privacy, compliance, risk, or information security may apply. Candidates should be comfortable working in English and familiar with Saudi privacy regulations.
Resume
Required to apply

Job description

Role overview

The Personal Data Protection Officer will help ASMO maintain compliance with the Saudi Personal Data Protection Law (PDPL), SDAIA guidance, and relevant international privacy standards. This position is focused on practical privacy operations, including assessments, request handling, monitoring, and documentation across the business.

Core responsibilities

  • Carry out Data Protection Impact Assessments (DPIAs) for initiatives, systems, and workflows that process personal information.
  • Assess privacy-related risks and define measures to reduce or control them.
  • Handle Data Subject Requests (DSRs) such as access, correction, deletion, and consent withdrawal within the required time limits.
  • Track and record consents so that personal and sensitive data is processed lawfully.
  • Keep Records of Processing Activities (RoPA) current across all departments.
  • Support privacy reviews of vendors and third parties, including checks tied to Data Processing Agreements (DPAs).
  • Assist with incident and breach investigations, including written records, impact analysis, and regulatory notifications when needed.
  • Perform compliance reviews and audits of personal data handling practices.
  • Work with IT, Legal, and business stakeholders to build privacy requirements into systems and operational processes.
  • Prepare compliance dashboards and reports for management and regulators such as SDAIA.

Experience and qualifications

A bachelor’s degree in Information Security, Law, Compliance, IT, or a related discipline is required. The ideal candidate should have around 5 years of experience in data privacy, compliance, risk management, or information security. Strong spoken and written English is essential. Knowledge of the Saudi PDPL and SDAIA regulations is important, while familiarity with GDPR or similar international privacy frameworks is an added advantage. Certification as a Certified Data Privacy Solutions Engineer (CDPSE) is preferred.

Additional requirements

The role calls for strong capability in risk assessment, documentation, and incident management, along with a high level of integrity, confidentiality, and attention to detail.

Skills

Stakeholder Collaboration Regulatory Reporting Data Privacy Compliance Privacy Risk Assessment Data Protection Impact Assessments Data Subject Request Management Records of Processing Activities (RoPA) Vendor Privacy Assessment Breach Incident Response Documentation and Audit Saudi PDPL SDAIA Compliance

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files