Job Information Data Protection Officer (GMG/SEG 3) Company Information
Contact Name Office of the Services Commission
Contact Email communications@osc.gov.jm
Job Information
Job Type Full-time
Department Executive Agency
Category Computer/IT
Posted 30-09-2024
Job Status
Start Publishing 30-09-2024
Stop Publishing 09-10-2024
Description
Applications are invited for the following post in the Office of the Cabinet Data Protection Officer (GMG/SEG 3) (Vacant), Corporate Affairs Division, salary range $5,198,035 - $6,990,779 per annum.
Data Protection Officer (GMG/SEG 3)
 
Job Purpose
 
Under the general supervision of the Permanent Secretary, through the Chief Technical Director, the Data Protection Officer (DPO) is responsible, in an independent manner, for:
  • designing and overseeing the implementation of an effective data protection/data privacy programme in keeping with the Data Protection Act (DPA) and attendant regulations and other relevant legislation;
  • monitoring the organisation’s compliance with the DPA and attendant regulations, other relevant legislation, and the organisation’s internal data protection/privacy policies and procedures;
  • facilitating the conduct of risks assessments to, among other things, inform the preparation of Data Protection Impact Assessments (DPIA);
  • informing and advising the organisation on its data protection/data privacy obligations pursuant to the DPA;
  • building awareness of data privacy/data protection by all staff through training and sensitization initiatives.
The DPO serves as the primary point of contact within the organisation for members of staff, the Office of the Information Commissioner (OIC), data subjects and any relevant entity on issues related to data protection/data privacy.
 
Key Responsibilities
Management/Administrative:
  • Provides overall management for the development and implementation of an effective data protection/data privacy programme, in keeping with the DPA and attendant regulations and other relevant legislation;
  • Assesses the organisation’s business processes and workflows;
  • Participates in the Organisation’s strategic planning process;
  • Prepares strategic and operational plans and budget, ensuring the work is performed according to plan and agreed targets;
  • Participates, as a member of the management team, in planning, problem resolution and reviewing the performance and compliance of functional areas;
  • Provides guidance to Executive and Senior Managers on matters relating to Data Protection/Data Privacy, to include the DPA and attendant regulations and other relevant legislation;
  • Participates in meetings, seminars, workshops, conferences, and other fora, as required;
  • Prepares Annual/Quarterly/Monthly and other reports as required.
 
Technical/Professional:
  • Provides technical, legal and regulatory advice to senior management on data protection/data privacy issues, laws and trends;
  • Drafts new and/or amends existing internal data protection/data privacy policies, guidelines and procedures, in consultation with key stakeholder;
  • Informs and advises employees who carry out processing of their obligations under the DPA and other relevant data protection policies and procedure provisions;
  • Monitors compliance with the DPA and attendant regulations, other relevant data protection provisions, and the organisation’s policies and procedures relating to data protection/data privacy, including how the organisation assigns responsibilities, raises awareness and trains staff involved in processing operations and related audits;
  • Ensures that any contravention of the data protection standards or any provisions of the DPA by the organisation is dealt with;
  • Supports the organisation’s contravention and security breach notification procedures;
  • Co-operates with competent authorities and/or the OIC, responding to requests about complaint handling, investigations or inspections;
  • Acts as the contact point for competent authorities and/or the OIC on issues relating to processing and consulting, where appropriate, with regard to any data protection related matter;
  • Highlights or draws the organisation’s attention to any failure to comply with the DPA and attendant regulations and applicable data protection/data privacy policies and procedures;
  • Reports to the OIC where the organisation fails to rectify, within a reasonable time, any area of non-compliance with the DPA and attendant regulations which have been highlighted;
  • Supports/manages a programme of awareness-raising and training to enable staff compliance and to foster a Data Protection/Data Privacy culture within the organisation;
  • Trains and/or sensitises employees on the DPA’s compliance requirements;
  • Develops the relevant training material for dissemination;
  • Conducts regular assessments and audits to ensure compliance with the DPA and attendant regulations;
  • Serves as the point of contact between the organisation and the OIC;
  • Consults with the OIC to resolve any doubt about how the provisions of the DPA and attendant regulations are to be applied;
  • Ensures the conduct of risks assessments to, among other things, inform the preparation and submission of annual DPIAs to the OIC;
  • Maintains records of relevant data processing activities conducted by the organisation.
  • Assists data subjects in the exercise of their data protection rights;
  • Handles queries or complaints received by responding to data subjects to inform them, among other things, about how their personal data is being processed and what measures the organisation has put in place to protect their data; and ensuring that requests are addressed in compliance with the DPA and attendant regulations;
  • Keeps abreast of changes in the legislative environment and adjusts the organisation’s data protection/data privacy programme accordingly;
  • Participates in security incident response procedures;
  • Provides statements, attends court or tribunal proceedings and gives evidence, as required;
  • Provides reports in relation to various proceedings/hearings, as required;
  • Performs miscellaneous duties related to job function, as required, from time to time.
Required Knowledge, Skills, and Competencies
Core:
  • Excellent written and oral communications skills
  • Leadership and management skills
  • Interpersonal and customer relations skills
  • Problem solving and analytical skills
  • Teamwork and co-operation skills
  • Judgment and decision-making skills
  • Consultation and issues management skill
  • Tact and diplomacy to manage issues with key stakeholders
  • Planning, organizing and time management skills
  • Stakeholder engagement, relationship management and networking skills
  • Negotiating skills
  • Integrity
  • Adaptability
  • Confidentiality
  • Initiative
Technical:
  • Sound knowledge of Data Protection/Data Privacy Laws and practices
  • Knowledge of international standards and best practices in Data Protection/Data Privacy Policy Development and Implementation
  • Knowledge of Data Security Systems
  • Ability to evaluate and assess business processes and business operations
  • Ability to communicate with and understand the requirements of professional staff within their area of specialization
  • Knowledge of current Data Protection developments/trends
  • Knowledge of cybersecurity risks and information security standards
  • Proficient in the use of current/relevant computer applications especially Microsoft Office Suite (Word, Excel, PowerPoint)
Minimum Required Qualification and Experience
  • Graduate Degree in Law, Information Technology/Computer Science, Accounting, Risk Management or related discipline from an accredited tertiary institution
  • Three (3) years’ experience in Law, Information Technology/Computer Science, Audit or Risk Management or equivalent related experience
  • Knowledge of Data Protection/Data Privacy Law and Practices
  • Experience or specialised training in Records and Information Management Systems would be an asset
  • At least one (1) Data Protection/Data Privacy certification such as, CIPP, CIPT, CIPM, etc. (preferred)
OR
  • Undergraduate Degree in Law, Information Technology/Computer Science, Accounting, Risk Management or related discipline from an accredited tertiary institution
  • Five (5) years’ experience in Law, Information Technology/Computer Science, Audit or Risk Management or equivalent related experience
  • Experience or specialised training in Records and Information Management Systems would be an asset
  • At least one (1) Data Protection/Data Privacy certification such as, CIPP, CIPT, CIPM, etc. (preferred)
 
Applications accompanied by résumés should be submitted no later than Tuesday, 8th October, 2024 to:
Senior Director
Human Resource Development and Management Division
Office of the Prime Minister
1 Devon Road
Kingston 10.
Email: jobs@opm.gov.jm
Please note that only shortlisted applicants will be contacted.
 
Share on Google+ Friend Feed Linkedid Twitter Yahoo Share on facebook
Facebook Comments

Job Search Tips

  • Earn FREE Online Certifications
    Earn FREE Online Certifications There are currently a number of sites that offer certification and Diploma courses for FREE. Here are some of the courses Career Jamaica recommends for job seekers to improve their marketability in the competitive job market.  Use the links to see course info and to apply to earn a certificate…
    in Job Skills Be the first to comment! Read more...
  • This huge email mistake is preventing you from getting hired
    This huge email mistake is preventing you from getting hired   This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it.? What does your E-mail Address Say to a Potential Employer About You?   Your E-Mail address matters.    Using the wrong email address when applying for a job could hurt your chances
    in Job Skills Be the first to comment! Read more...
  • Networking in the Digital Age
    Networking in the Digital Age Networking has gone completely digital. Just like they have impacted everything else in the free world, sites like Facebook and Linkedin have altered the entire structure of professional networking. Here are a few tips to help you survive in the digital networking age:
    in Job Skills Be the first to comment! Read more...
  • What You Need to Know about a Company Before a Job Interview
    What You Need to Know about a Company Before a Job Interview What You Need to Know about a Company Before a Job InterviewBefore heading to job interview, it is extremely important that candidates know as much information as possible about the Company/ Organization. Getting this information is fairly simple, and it's a good idea to memorize a few key points to bring up…
    in Job Skills Be the first to comment! Read more...
  • 5 Things You Should Never do in a Job Interview New
    5 Things You Should Never do in a Job Interview New 5 Things You Should Never do in a Job Interview Congratulations! you have just gotten called in for a job interview. You now need to know the simple ways to candidates make a bad impression during an interview. There are a few things that most Human Resource professionals agree are…
    in Job Skills Be the first to comment! Read more...

Enter your email address to stay connected with us:

Find us:


To receive updates on the latest job opportunites
Follow Carrer Jamaica on:

5296501 linkedin network linkedin logo icon
  5296516 tweet twitter twitter logo icon  5296765 camera instagram instagram logo icon  5365678 fb facebook facebook logo icon

Did You Know?

  • Career Jamaica makes it easy for you to find a job in Jamaica or the wider Caribbean.
  • There are numerous opportunities for employment in Jamaica at all job levels listed with Career Jamaica
  • Registering and viewing jobs in Jamaica with Career Jamaica is free
  • You can sign up for Career Jamaica’s free, email job updates