Google Play

Data Protection & Privacy Officer

Published on 31.03.2021


Website :
Industries :
Banking, insurance, finance
Job ads : See our Job Ads
A regional commercial bank operating in many African countries. read more

Job Ad & Profile Description

Position : Data Protection & Privacy Officer

About Ecobank Rwanda Plc

Ecobank Rwanda Plc is a full-service bank that joined the Rwandan market in 2007 with the aim of providing a broad range of products and Services to Consumer, Commercial, and Corporates business segments.

The bank’s vision is to build a world-class bank and contribute to the economic development and financial integration of Rwanda and the region by providing customers with convenient and reliable financial products and services.

Ecobank Rwanda Plc is an affiliate under Ecobank Group and operates in Central East and Southern African (CESA) region.

In order to respond to our growing market with the required human capital, we are currently looking for experienced professional in the following area

Role Title: Data Protection & Privacy Officer

Reporting: Head Information Security


Under the supervision of the Head Information Security, the Data Protection & Privacy Officer will drive compliance of enterprise information by identifying and mapping data; determine data protection and privacy requirements; prescribe security controls, prepare plans, assess all data held in all business systems; prepare/update data protection and privacy standards, prepare technical security policies, and procedures associated with data classifications.

  • The role requires specialist knowledge and understanding in financial services, obligations of data protection and privacy regulations, privacy technologies, and cybersecurity.
  • Ensure Ecobank Rwanda is current on data protection laws, regulations, and technical requirements to ensure the Bank is not exposed to privacy risks and penalties
  • Maintain the data protection & privacy program for Ecobank Rwanda in compliance with Rwanda Data Protection law, Cybersecurity regulation, GDPR, and other data protection requirements


  • Creating and maintaining data protection and privacy policies, procedures, and practices (Record of Processing documentation, review of data processing agreements, privacy by design, etc.)
  • Conducting data protection impact assessments and advice on issues where applicable.
  • Ensuring information security activities aligns with data protection and privacy requirements.
  • Interfacing with appropriate data protection regulatory authorities on compliance with data protection regulations.
  • Monitoring compliance with data protection regulations, other applicable data protection provisions, and strategies for protection of personal data, including the allocation of responsibilities, awareness-raising, and training of staff (e.g.: Human Resources) involve in the processing operations and related verifications.
  • Interfacing with appropriate internal and external stakeholders in Legal, Compliance, and Technology to adhere to legal, contractual, and supervisory authorities.
  • Embedding data protection and privacy requirements into technology services and new projects where applicable.
  • Maintaining data protection and privacy governance structure within the affiliate.
  • Ensuring data protection and privacy issues are addressed at appropriate meetings within the affiliate
  • Carry out routine tasks associated with data protection & privacy and Business continuity
  • Ensure privacy technologies and capabilities are embedded in all applicable/relevant solutions and projects
  • Liaises with contractors and service providers to ensure that all activities are in line with the Banks Information Security Policy and regulatory Business continuity requirement.
  • Provides Information Security and privacy Awareness training to all employees, and other third parties, ensuring proper information security clearance in accordance with established bank information security policies and procedures.
  • Initiates, facilitates, and promotes activities to create information security and privacy awareness within the Bank.
  • Develop and implement an ongoing risk assessment program targeting information protection& privacy and business systems. Recommend methods for vulnerability detection and remediation.
  • Perform information security risk, vulnerability assessments and serves as an internal assessor for data protection and privacy issues.
  • Report any incident that occurred and address security incidents, respond to alleged policy violations from staff, contractors, and external parties.
  • Review of physical and logical protection of Information and ensure logical access management review is done and any non-conformity is reported
  • Carry out any other responsibilities that may be assigned by Management
Required profile for job ad : Data Protection & Privacy Officer
  • A degree in Computer Science, Information Technology, MIS or Information Security and professional qualifications preferably in cybersecurity/data protection such as CISM, CDSPE, CIPP, CIPT, etc.(a Plus)
  • Minimum of 3 years experience in the information security/cybersecurity/data protection roles with some experience in the financial services sector.
  • Background and expertise in data protection & Privacy compliance, IT audit, or IT security
  • Experience of promoting a data privacy culture of awareness and understanding (preferably within a Bank)
  • Experience of developing and assessing privacy policies and controls that minimize risk and ensure compliance
  • Experience of responding to potential privacy incidents, to mitigate risk, determine reporting requirements, and developing corrective action plans when needed
  • Demonstrated leadership and problem-solving skills, and ability to work under pressure
  • Experience of communicating effectively with the highest levels of management and decision-making individuals within the organization
  • Strong knowledge and experience in data security and privacy practices such as data sensitivity handling, data destruction, data stewardship, data management lifecycle, handling data breaches, etc.
  • Strong understanding of data protection principles, data management lifecycle, information classification, and data leak prevention technologies and capabilities
  • Background and expertise in national data privacy low, IT Security regulation, and Business continuity regulation compliance.
  • Relevant work experience of monitoring compliance with regulatory requirement and engaging with regulatory bodies.
  • Must demonstrate understanding of legal and regulatory matters affecting financial services industry.
  • Familiarity with privacy and security risk assessment, best practices and gap analysis, privacy certifications/seals, and information security certifications.
  • Team-player such that focus on the success of the team. Working well both with others, as well as individually, in a multicultural and multidisciplinary context
  • Knowledge of data protection legislation, particularly GDPR and national data protection law.
  • Experienced in Business Continuity management framework/standard.
  • Familiarity with computer security systems
  • Experience in managing data breaches
  • Experience in cooperation with supervisory authorities of any kind
  • Understanding the environment in which business operates and associated data protection risks.
  • Experience in conducting data protection impact assessments.
  • Understanding the national Data protection low and its requirements.
  • Must be able to balance business priorities, information security risks, emerging data threats, and best practice of data protection & privacy to ensure confidentiality, integrity, and availability of the company’s information assets.
  • Monitoring and advising on the initial and ongoing data protection risk assessments (privacy impact assessments) to ensure that personal data is protected.
  • Ability to work in a multicultural environment and multi-task effectively.
  • Excellent written and verbal communication skills.
  • Able to learn new concepts, products, and technologies on the job.
  • Must demonstrate strong leadership skills as well as be able to effectively work collaboratively and cross-functionally with members of the IT organization and various lines of businesses.
Job criteria for job ad : Data Protection & Privacy Officer
Job category :
IT, new technologies
Industries :
Banking, insurance, finance
Employment type :
Permanent contract
Region :
Eastern Province - Kigali Province - Northern Province - Southern Province - Western Province
Experience level :
2 to 5 years
Educational level :
Spoken language :
Number of Position(s) : 1

Share this offer with your network

Other jobs that might interest you

Data Protection Officer

07/04/21 | AFRICAWORK

We are looking for profiles and CVs of  Data Protection Officers  that we will send to our large account customers for their future recruitment needs. Missions: Ensure compliance with legislation on the use of data; Valuing the company's data; Ensure ...

Region of : Eastern Province - Kigali Province - Northern Province - Southern...

Business Intelligence Analyst

06/04/21 | RED CIRCLE

We are looking for profiles and CVs of Business Intelligence Analysts that we will send to our large account customers for their future recruitment needs. Duties Oversee the deployment of data to the data warehouse; Collaborate with the IT department; Wor ...

Region of : Eastern Province - Kigali Province - Northern Province - Southern...

Virtual Reality Developer

05/04/21 | AFRICAWORK

We are in need for profiles and CVs of  Virtual Reality Developers and Editors  that will be sent to our large account customers for their future recruitment needs. Duties : Analyse, Establish, and Execute current virtual reality software technologies in ...

Region of : Eastern Province - Kigali Province - Northern Province - Southern...

Flutter Developer for Android & iOS


We are looking for 8 Mobile Developers (Flutter) who will join our Rwanda team creating solutions for our IT firm. Working with us is a great opportunity to create custom applications with high-quality interfaces for iOS and Android.  Main tasks: Developi ...

Region of : Kigali Province