Deskripsi Pekerjaan
ECLOF International is seeking a meticulous and proactive Data Privacy and Compliance Officer to join our dynamic team in Quezon City. In this pivotal role, you will serve as the guardian of our organizational integrity, integrating sophisticated privacy governance with Enterprise Risk Management (ERM). Your mission is to protect sensitive client data, mitigate operational risks, and champion a 'privacy-by-design' culture across our microfinance operations.
As we continue to expand our financial services, the successful candidate will ensure that our data processing activities remain strictly aligned with the Data Privacy Act of 2012 and international regulatory standards. You will work closely with cross-functional departments to provide expert guidance on data protection impact assessments, incident response protocols, and ethical data management, ultimately fostering trust with our clients and stakeholders.
Tanggung Jawab
- Develop, implement, and maintain comprehensive data privacy policies and procedures in alignment with the Data Privacy Act (DPA) and GDPR standards.
- Lead Enterprise Risk Management (ERM) initiatives by identifying, assessing, and mitigating privacy-related operational risks.
- Conduct regular Privacy Impact Assessments (PIA) for new systems, projects, and vendor integrations to ensure privacy-by-design.
- Act as the primary point of contact for the National Privacy Commission (NPC) and handle data breach investigations and reporting requirements.
- Establish and conduct organization-wide data privacy training and awareness programs to embed compliance culture.
- Monitor and audit internal data processing activities to ensure ongoing adherence to security protocols.
- Advise leadership on regulatory changes and emerging trends in financial services data compliance.
Kualifikasi
- Bachelor’s degree in Law, Information Technology, Business Administration, or a related field.
- At least 2-3 years of proven experience in Data Privacy, Compliance, or Risk Management within the financial services or microfinance sector.
- Deep understanding of the Data Privacy Act of 2012 and relevant regulatory frameworks.
- Certification in Data Privacy (e.g., CIPP, CIPM, or NPC-accredited DPO training) is highly preferred.
- Strong analytical mindset with the ability to translate complex legal requirements into actionable operational steps.
- Excellent communication skills, with the ability to influence stakeholders at all levels of the organization.
- High level of integrity, professional skepticism, and attention to detail.