C5i is a pure-play AI & Analytics provider that combines the power of human perspective with AI technology to deliver trustworthy intelligence. The company drives value through a comprehensive solution set, integrating multifunctional teams that have technical and business domain expertise with a robust suite of products, solutions, and accelerators tailored for various horizontal and industry-specific use cases. At the core, C5i's focus is to deliver business impact at speed and scale by driving adoption of AI-assisted decision-making.
C5i caters to some of the world's largest enterprises, including many Fortune 500 companies. The company's clients span Technology, Media, and Telecom (TMT), Pharma & Lifesciences, CPG, Retail, Banking, and other sectors. C5i has been recognized by leading industry analysts like Gartner and Forrester for its Analytics and AI capabilities and proprietary AI-based platforms.
Global offices
United States| Canada | United Kingdom| United Arab of Emirates| India
Job Purpose:
Establish framework for Personal Data Protection and Data Classification domains. Manages and develops privacy strategy, roadmap and implementation plan that aligns with the bank's goals and objectives related to Personal Data Protection and Data Classification domains
Key Responsibilities
- Perform assessments
- To evaluate the current state of the Personal Data Protection environment.
- Impact assessment/s of the potential damages due to an unauthorized access to all its identified datasets and artifacts.
- To identify public category data
- Create Data Management and Personal Data Protection Strategy and Plan, the Entity shall create a Personal Data Support in delivery of enterprise-wide Data Protection & Privacy program and provide guidance on global standards and best practices.
- Create a Data Classification Plan to manage and orchestrate bank's Data Classification activities
- Develop prioritization list based on the classification level of data sets and artifacts for the organization.
- Identify and inventory all datasets and artifacts owned by the Bank as part of the Data Classification Implementation process
- Oversee that policies, processes, guidelines and standards related to Data Protection & Privacy (Such as: Consent Management, Data Subject Rights Management, Data Localization, Personal Data Access, Sharing and Transfer, Personal Data Breach Handling, etc.) are communicated and enforced throughout the organization.
- Develop material and conduct the Personal Data Protection training for every employee to promote a Personal Data Protection-centric culture in accordance with the Entity-specific and national privacy regulations. Liaise and respond to the Data Protection Authority of KSA for regulatory queries and audits.
- Develop and document breach management procedures to directly manage and address the privacy violations and to set the functions and responsibilities for the affected work team, covering
- Process for conducting incident review by the Data Controller with the Regulatory Authority
- Development of response mechanism based on incident reported by the Data Controller and / or Data Processor
- Implementing processes to perform permanent corrective actions when issued by the Regulatory Authority
- Developing testing of the implemented corrective actions to validate personal data protection solution(s).
- Drive privacy operations such as impact assessments, data mapping through the implemented privacy technology solution across business departments.
- Work with website development team to review the third-party cookies and provide guidance on managing on marketing/ preference consent stored within business departments ,as per the applicable regulatory law.
- Support in identifying third party privacy risks by conducting vendor privacy risk assessments through technology and co-ordinate with business departments to highlight the risks and providing risk mitigation recommendations.
- Ensure all the customer facing channels of the organization comply with applicable regulatory requirements by conducting a thorough assessment.
- Support in personal data discovery through automation and review the PII inventory for the organization.
- Ensure and verify sensitive personal data elements are identified during data discovery exercise through technology implementation.
- Support in establishing record of processing activities through the technology implementation
Qualifications & Experience
Minimum Qualifications:
- Bachelor's degree in computer science, cyber-security or relate areas.
Minimum Experience:
- 10+ years of progressive experience in Data Governance and Data Privacy in a banking environment
Job-Specific Skills:
Mandatory
- Experience in the field of Data privacy, Data Protection and Data classification domains.
- Experience in working in support group responsible to monitoring compliance and managing regulatory compliance.
- Understanding of privacy protection Risks, data privacy related processes and policies.
- Experience in supporting the organization during external regulatory audits of data privacy
- Advanced knowledge in Personal Data Protection regulations, such as:
- Data Classification, Risk Assessment,
- Risk Register and Data Confidentiality
- Data Integrity and Data Availability
- KSA PDPL (Personal Data Protection law)
- GDPR
- Other GCC privacy laws
Preferable
- Certification in Privacy Management such as CIPM, CIPPE etc.
- Experience in data privacy tools such as Securiti.ai, OneTrust, BigID etc.
- Experience in RDBMS Database Technologies: SQL Query Writing, SQL Tuning, and Microsoft SQL Server & Oracle platforms
- NDMO Data Management Standards
- SAMA Cybersecurity Framework and NCA regulations
C5i is proud to be an equal opportunity employer. We are committed to equal employment opportunity regardless of race, color, religion, sex, sexual orientation, age, marital status, disability, gender identity, etc. If you have a disability or special need that requires accommodation, please keep us informed about the same at the hiring stages for us to factor necessary accommodations.
