Data Privacy Manager

Role Summary

This position is responsible for shaping, running, and continuously improving the organization’s data privacy framework. The role covers policy design, regulatory alignment, incident handling, stakeholder coordination, awareness building, and ongoing monitoring to help ensure privacy practices are embedded across the business.

Key Accountabilities

• Create, update, and roll out data privacy policies, supporting documentation, programs, and related initiatives.
• Identify privacy challenges that are not immediately visible in current systems or workflows and develop practical solutions.
• Put in place the actions needed for the company to comply with its privacy policies and the applicable data privacy laws in Saudi Arabia and, where required, in other countries such as the UAE.
• Track changes in privacy legislation and ensure new requirements are reflected in the company’s approach.
• Oversee data breach response, including breach notifications and corrective actions.
• Keep relevant stakeholders informed of any breach and recommend next steps.
• Handle requests from data owners.
• Design and deliver privacy training and awareness sessions, along with supporting materials, in coordination with HR.
• Share input with stakeholders on training needs, attendance, trends, reports, and improvement suggestions.
• Maintain an accurate and current record of processing activities (RoPA).
• Serve as a trusted advisor and main contact point for privacy-related matters across the organization.
• Ensure privacy requirements are built into technologies and systems adopted by the company.
• Carry out privacy impact assessments, test systems against expected standards, and recommend improvements.
• Align corrective actions from privacy impact assessments with the relevant teams and follow through on implementation.
• Coordinate the work of the Data Privacy Steering Committee.
• Prepare routine updates for the Steering Committee on the company’s privacy readiness and capabilities.
• Ensure committee decisions and action items are completed within required timelines.
• Track privacy KPIs and work toward meeting target performance levels.
• Define privacy goals and requirements and communicate them across departments.
• Lead privacy campaigns that build employee awareness and provide guidance.
• Influence and engage cross-functional stakeholders so they follow privacy procedures and standards.

Work Environment

The role is primarily indoors, with 90% of the time spent inside and 10% outdoors. It follows a 5-day work week with 2 days off. Working hours are from 8:00 AM to 6:00 PM, including a 1-hour break.

Additional Notes

Responsibilities are not limited to the duties listed above, and additional tasks may be assigned as needed.

Requirements

• A bachelor’s degree in Information Technology or a related field is required.
• Experience of 3 to 6 years is needed.
• IAPP certifications such as CIPP/E, CIPM, or CIPT are considered an advantage.
• Strong working knowledge of Microsoft Office applications is expected.
• The candidate must be able to work in both English and Arabic.