Job Purpose

• To assist with management of compliance risk in the CIB business areas by ensuring compliance with the Compliance Framework and Methodology manuals and to provide privacy expertise and guidance to stakeholders on the protection of personal information to ensure compliance to relevant legislation and to mitigate risks. 
• The role is a Compliance Officer, requiring a candidate with some Privacy Knowledge.

Job Responsibilities

• Assisting with the developing and articulating of controls on the Compliance Risk Management Plans (CRMP);
• Maintaining CRMP’s on Lex Risk Manager;
• Assisting with adequacy reviews on CRMP’s;
• Completing findings assurance on findings;
• Assisting with new regulatory assessments;
• Assisting with updating compliance profiles;
• Providing support on all privacy related matters.
• Assisting with the cluster’s privacy reporting.
• Managing the privacy incident management process to ensure all cluster incidents are logged, investigated and mitigated timeously and that the relevant notifications meet regulatory requirements.
• Assisting with the development of privacy related training for employees.
• Keeping abreast of all developments in privacy laws and regulations in the jurisdictions that impact the cluster.
• Leading Privacy Impact Assessments and ensuring that appropriate measures are implemented to mitigate risks identified in the assessments. 
• Managing the clusters inventories of processing activities.
• Assisting in responding to data subject access requests as they pertain the cluster.
• Provide advice on all aspects of the protection of personal information 
• Ensure that Privacy risks and issues are identified, escalated and appropriately managed
• Contribute to a culture of transformation by participating in Nedbank culture building initiatives, business strategy, and CSI.
• Build and manage relationships with key stakeholders.
• Build and maintain collaborative relationships with internal stakeholders through engagements and sharing of expertise to ensure understanding of, and alignment to regulatory requirements as set by relevant legislation.
• Any other duties as assigned by the Cluster Privacy Representative 

Essential Qualifications – NQF Level

• Advanced Diplomas/National 1st Degrees

Preferred Qualification

• Bachelor’s Degree: Law, Com[liance and Risk Management 

Minimum Experience Level

• 2-3 years experience in a compliance related role

Type of Exposure

• Experience in privacy laws and practices
• Experience with identifying, analysing, and reporting on risk indicators related to Data Protection and Privacy
• Relevant Data Protection and Privacy related certification such as CIPP, CIPM, CIPT would be an advantage
• Data Protection and privacy auditing experience would be an advantage

Technical / Professional Knowledge

• Change management
• Cluster specific operations
• Compliance reporting
• Governance, Risk and Controls
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Reputational risk management
• Risk management process and frameworks
• Stakeholder management
• Codes of Good Governance