Applications are invited for the following post in the National Fisheries Authority: Data Protection Officer (Level 8) – (Vacant)

Salary range $5,198,035 – $6,990,779 per annum.

Job Purpose

Under the general supervision of the Chief Executive Officer, the Data Protection Officer (DPO) is to advise and provide guidance to the National Fisheries Authority (NFA), on a range of privacy, data protection and technology related regulatory and compliance matters. The DPO is responsible for monitoring internal compliance, informing and advising the NFA on data protection obligations, providing advice regarding Data Protection Impact Assessments (DPIAs) and acting as a contact point for data subjects and the Office of the Information Commissioner. The DPO will support the success of the NFA through assisting with the introduction and the implementation of its privacy programme. Both legal knowledge and technical fluency are highly desired as this role will work closely with staff across all areas of the portfolio.

Key Responsibilities

Management/Administrative

• Contributes to development of the NFA’s Strategic and Operational Plans and Budget;
• Develops and implements operating systems and processes including tools and other resources to guide research activities and ensure validity and accuracy of the data collected and generated;
• Develops and maintains an appropriate system of record keeping for all aspects of data protection;
• Delivers training across all Divisions and Units to staff members who are involved in data handling or processing;
• Participates in meetings, seminars, workshops and conferences, as required.

Technical/Professional:

• Ensures that the NFA processes personal data in compliance with the data protection standards and in compliance with the Act and good practice;
• Provides overall management for the research, development, and implementation of Data Protection policies and procedures for the Authority;
• Researches, designs, and implements Data Protection Governance;
• Frameworks and strategies to manage the use of personal data in compliance with the requisite standards and guidelines;
• Consults with the OIC to resolve any doubt about how the provisions of the Act and any Regulations made under it, are to be applied;
• Ensures that any contravention of the data protection standards or any provisions of the Act by the NFA, is dealt with;
• Co-ordinates the efforts of the NFA in the implementation of essential elements of the applicable data protection regulation, such as the principles of data processing, data subjects’ rights, data protection by design and by default, records of processing activities, security of processing, and notification and communication of data breaches;
• Manages systems that ensure appropriate assignment of responsibilities in relation to the management of data and information and the processing and protection of personal data;
• Provides strategic legal and regulatory guidance to Senior Management and other Divisions on privacy and data protection issues, law and trends;
• Performs or oversees initial and periodic privacy impact assessment, risk analyses, mitigation and remediation;
• Ensures that Data Controllers and data subjects are informed about their data protection rights, obligations and responsibilities and raises awareness about them;
• Oversees the maintenance of records required to demonstrate data protection compliance;
• Supports a programme of awareness-raising and training to deliver compliance and to foster a data privacy culture;
• Gives advice and recommendations to the NFA about the interpretation or application of the data protection rules;
• Handles queries or complaints at the request of the parent Ministry, the Data;
• Controller, other person(s), or on their own initiative;
• Co-operates with the OIC (responding to requests about investigations, complaint handling, inspections conducted by the OIC, etc.);
• Draws the Organization’s attention to any failure to comply with the applicable data protection rules and policy;
• Supports the data incident response and data breach notification procedures;
• Prepares and submits routine and special reports, as required;
• Provides expert advice and educates employees on important data compliance requirement;
• Drafts new and amends existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders;
• Performs any other related duties as assigned by the Chief Executive Officer.

Required Knowledge, Skills, and Competencies

Core

• Good oral and written communication
• Planning & organizing skills
• Good judgement and decision
• Making skills
• Customer and quality-focused skills
• Analytical and problem-solving skills
• Compliance
• Integrity
• Adaptability

Technical

• Knowledge of modern business
• practices and office procedures
• Understanding of research methods and techniques
• Proficiency in the use of computer applications
• Knowledge and understanding of the Data Protection Act
• Experience in managing data, incidences and breaches
• Knowledge of cybersecurity risks and information security standards

Minimum Qualifications and Experience

• Bachelor’s of Law Degree Compliance, IT Security, Audit or similar background;
• Minimums three (3) years’ experience in law, audit and/or risk management, compliance, or equivalent experience;
• Demonstrable experience, knowledge and/or in-depth understanding of Data Privacy legislation (in particular GDPR);
• Experiences or specializes training in records and information management systems;
• At least one (1) Data Protection and/or Privacy Certification such as, CIPP;
• CIPT, ISEB, etc., (preferred).

Special Conditions Associated With The Job

• May be required on occasions to work on weekends and holidays
• Required to travel island wide and at sea
• Exposure to confidential and sensitive information.
• Required to work in volatile areas

Applications accompanied by detailed résumés, including the names of two (2) referees, should be submitted no later than Friday, 5th September 2025 to:

Senior Director
Corporate Services Division
National Fisheries Authority
2c Newport East
Kingston 11

Email: fisherieshr@nfa.gov.jm

Please note that only shortlisted applicants will be contacted.

or