{bc}
indeed

Data Protection Officer - DPO

Propel Consult
الرياض, KSA
Full Time
Manager
Onsite
4 days ago
Data ProtectionPDPLComplianceRisk ManagementData Protection Impact Assessment (DPIA)Breach Response
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Data ProtectionPDPLCompliance
Smart Apply

Full Job Posting

Role Purpose

  • The Data Protection Officer leads the organization's compliance with the Saudi Personal Data Protection Law (PDPL) and oversees the protection of personal data across the group and its subsidiaries.
  • The DPO monitors compliance, advises the business, acts as the contact point for data subjects and for SDAIA, and provides independent assurance that personal data is processed lawfully, fairly and securely.

Key Responsibilities

  • Monitor and oversee ongoing compliance with the PDPL, its Implementing Regulations and the SDAIA DPO Rules across all processing activities of the group and its subsidiaries.
  • Act as the contact point with SDAIA and with data subjects; register and keep the DPO's contact details current on the National Data Governance Platform.
  • Advise the business on data protection obligations and review new products, services, systems and processing activities before launch.
  • Maintain the Records of Processing Activities (RoPA) and oversee Data Protection Impact Assessments (DPIAs) for high risk processing.
  • Ensure breach response plans are adequate and effective; notify SDAIA within 72 hours of becoming aware of a notifiable breach, and notify affected individuals where the breach is high risk.
  • Manage requests for access, correction, deletion, objection and portability within the statutory timeframes.
  • Ensure an approved transfer mechanism (SCCs or BCRs) and a transfer risk assessment are in place before any personal data leaves the Kingdom.
  • Deliver data protection awareness, training and knowledge transfer across the organization.
  • Prepare periodic compliance reports and recommendations for senior management and the Data & AI Governance Committee.
  • Work with the CISO on security controls for personal data and with the CDPO on the wider data governance programme.

Background, Qualifications & Experience

  • Degree in law, information governance, information technology, risk or a related field.
  • A recognised privacy certification (e.g., CIPP/E, CIPM, CDPO, ISO 27701 Lead Implementer/Auditor) is desirable.
  • Demonstrable knowledge of the PDPL and its Implementing Regulations, the SDAIA DPO Rules, the NDMO Standards and any applicable sectoral requirements.
  • Sound knowledge of risk management practice, including the handling of personal data breach incidents.
  • Several years of experience in data protection, privacy or compliance, ideally within the Kingdom or the wider GCC.
  • High personal integrity, with no prior convictions involving dishonesty or breach of trust (as required by the SDAIA DPO Rules).
  • Professional proficiency in Arabic and English (Arabic strongly preferred for the SDAIA and data subject interface).

Skills

  • Independent judgement and the standing to challenge the business where required.
  • Clear written and verbal communication, including the ability to translate legal requirements into practical controls.
  • Stakeholder management across legal, IT, security, HR and the operating subsidiaries.
  • Discretion in handling confidential and sensitive personal data.
  • Strong analytical and problem solving abilities.
  • Ability to work independently and manage multiple priorities.
  • Attention to detail and commitment to compliance.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today