Privacy Governance, Risk and Compliance Specialist

Your role in a nutshell:

You will work closely with the UK based Group Privacy team, the local privacy teams across the
global footprint and where necessary collaborate with other stakeholders including Cyber Security,
Corporate Security, HR, Commercial, Technology, Supply Chain Management (SCM) to drive key
objectives to completion.
You will be expected to maintain process descriptions and other such documentation in your area of
responsibilities and to soundly perform fact gathering, analysis of privacy issues and driving issue
and risk management advisory activities on a day-to-day basis, as well as to produce, validate and
distribute regular reports.
Be part of a high impact, high volume and high intensity team, providing world class Privacy 2nd
line of defense activities to a wide range of internal stakeholders. You will join our new VOIS
Privacy team and support the continuous improvement of our Privacy Program with the following
key accountabilities:

What you will love in your role:

• Monitoring and reporting the effectiveness of the privacy controls at policy and operational
control levels, across a range of data processing activities, functions and entities;
• Conducting regular reviews of data processing activities
• Articulating and communicating critical privacy risks and gaps to stakeholders and identifying
and agreeing remedial actions.
• Performing quality reviews of privacy assessments performed on processes, products, services
and platforms.
• Keeping the operational issue register up-to-date and develop reports/dashboards
• Implementing new monitoring approaches, procedures and technologies to respond the ever
changing regulatory and technology landscape
• Supprting standardization and centralization of control practices and ambassador central tools.
• Supporting the training and awareness agenda by holding trainings to the privacy community
• Supporting the cycle of compliance activities i.e. risk based planning, risk and control matrix
updates, Quality assurances and deep dive reviews and annual risk report process
• Supporting the Group Privacy team with any other privacy activities as may be required from
time to time.

What will you bring to the team:

• 1-2+ years’ experience in privacy/compliance/internal audit;
• Basic understanding of global privacy regulatory landscape in telecommunication, technology
and online businesses;
• Knowledge of compliance management standards, tools, methodologies and best practices;
• Excellent organization skills, able to handle multiple requests with differing priorities and
stakeholders;
• Excellent command of English, and excellent interpersonal, oral and written communication;
• Privacy or audit related certification(s) would be advantageous (e.g. CIPP, IAPP, CIA).
VODAFONE

 Provide advice and counsel to the Company and product team regarding
new product offerings and functionalities in lieu of applicable privacy laws.

 Drive privacy compliance strategy and strategic priorities for the Business
Team in alignment with the EU Privacy and Data Protection Program
requirements.

 Establish and implement a comprehensive Privacy Program for the

applicable Business Team.

 Promote a privacy and data-protection mindset and improve automated

processing.

 Assess data handling and privacy with regards to third parties including
preparing formal risk assessment reports and the relevant privacy maturity
model.

Managing the Data Protection Compliance Implementation in Vodafone Egypt

- Plan the Vodafone Privacy Program modules execution according to objectives

set Privacy Officer.
- Leading Projects' Assessment Committee which is responsible for the approval
of any project, process, product, system.. etc arising within Vodafone Egypt by
assuring that all the privacy and security requirements are embedded in the
project from the design phase.
- Working closely with several stakeholders (Cyber security, information security,
AML, Regulatory) to make sure that the proposed project is compliant with their
policies
- Ensures delivery of initial and privacy training and orientation to all employees,
contractors, and other appropriate third parties.
- Establishing Privacy Champions Network across various business departments
for effective GDPR Program implementation.
- Provide consultancy to all business departments and appropriate entities for all
new projects, products, services, changes, upgrades, etc…
- Resolving ad-hoc queries and issues relating to data protection.
- Provide regular reports to different Management levels on Privacy risk &
compliance, highlighting and driving decisions on major risks.
- Owns Privacy Incident Management Process and periodic dashboard for top
management visibility.
- Act as a key contact and reference point for all data protection related issues for
internal and external parties (seeking legal advice where necessary).
- Support, audits performed by Group / Regional Internal Audit.
- Undertake any assigned task from my management and consistently keeping
my direct and upper management aware of any major/critical issue occurring.

Privacy Governance, Risk and Compliance Junior Manager

Your role in a nutshell:

You will work closely with the UK based Group Privacy team, the local privacy
teams across the global footprint and where necessary collaborate with other
stakeholders including Cyber Security, Corporate Security, HR, Commercial,
Technology, Supply Chain Management (SCM) to drive key objectives to
completion.

You will be expected to maintain process descriptions and other such

documentation in your area of responsibilities and to soundly perform fact
gathering, analysis of privacy issues and driving issue and risk management
advisory activities on a day-to-day basis, as well as to produce, validate and
distribute regular reports.

Be part of a high impact, high volume and high intensity team, providing world
class Privacy 2nd line of defense activities to a wide range of internal
stakeholders. You will join our new VOIS Privacy team and support the
continuous improvement of our Privacy Programme with the following key
accountabilities:

What you will love in your role:

• Lead, motivate and manage a team of GRC analysts and specialists. Provide
direction, recognize high performance, encourage creativity and resolve issues
and conflict. You will act proactively to oversee smooth day to day operations
with global processes and effective collaboration across teams.
• Monitoring and reporting the effectiveness of the privacy controls at policy
and operational control levels, across a range of data processing activities,
functions and entities;
• Conducting regular reviews of data processing activities
• Articulating and communicating critical privacy risks and gaps to senior
stakeholders and identifying and agreeing remedial actions.
• Performing quality reviews of privacy assessments performed on processes,
products, services and platforms.
• Identifying the areas of risk in relation to data privacy and recommend
solutions.
• Keeping the operational issue and strategic risk registers up-to-date and
develop reports/dashboards
• Identifying and implementing new monitoring approaches, procedures and
technologies to respond the ever changing regulatory and technology landscape
• Driving standardization and centralization of control practices and
ambassador central tools
• Driving the training and awareness agenda by development of training
materials, holding trainings to the privacy community
• Supporting the cycle of compliance activities i.e. risk based planning, risk and
control matrix updates, Quality assurances and deep dive reviews and annual
risk report process
• Supporting the Group Privacy team with any other privacy activities as may be
required from time to time.

What will you bring to the team:

• Strong leadership skills having managed, motivated and developed a team of
6-8 direct reports.
• 3-5 years’ experience in privacy/compliance/internal audit;
• Good understanding of global privacy regulatory landscape in
telecommunication, technology and online businesses;
• Good mix of auditor and advisory skillset;
• Structured, process mind-set and desire for continuous improvement;
• Knowledge of compliance management standards, tools, methodologies and
best practices;
• Excellent organization skills, able to handle multiple requests with differing
priorities and stakeholders;
• Excellent command of English, and excellent interpersonal, oral and written
communication;
• Results oriented, proactive, responsible, pragmatic and ethical person with a
passion for privacy and interest in technologies and their societal impact;
• Privacy or audit related certification(s) would be advantageous (e.g. CIPP,
IAPP, CIA).

Managing the Data Protection Compliance Program

> Performing initial and periodic Privacy Impact Assessments on high risk processes and 3rd party
suppliers.
>Support in audits performed by Group as well as Regional Internal Audits.