Privacy Engineer

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field qualification from a recognised tertiary institution.
• Proven experience as a Privacy Engineer, Privacy Officer, or a related role with a focus on data protection and privacy.
• In-depth knowledge of data protection laws and privacy best practices.
• Expertise in data protection technologies, privacy regulations, and a commitment to ensuring data privacy by design.
• Deep understanding of privacy laws and regulations, including JDPA, GDPR, CCPA, HIPAA, etc.
• Knowledge of data protection technologies, cryptography, access controls, and privacy-enhancing techniques.
• Proven experience in privacy management, awareness, or training.
• Expertise in privacy-enhancing technologies (PETs) and privacy-by-design.
• Experience in conducting privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).
• Knowledge of Privacy Tool, Privacy by Design and security standards is advantageous.
• Strong understanding of data classification, encryption, access controls, data masking and data anonymization techniques.
• Familiarity with privacy impact assessments and risk management.
• Strong problem-solving and analytical skills.
• Excellent communication and interpersonal skills.
• Technical skills in data security tools, including data loss prevention (DLP) and encryption solutions.
• Proficiency in conducting security assessments and audits.
• Experience working in cross-functional teams and the ability to drive privacy initiatives across the organization.

Nice To Haves

• A Master's degree is a plus.
• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), or Certified Information Privacy Manager (CIPM) are advantageous.
• Prior experience in the financial industry is a plus.

Responsibilities

• Collaborate with product development teams to integrate privacy into the design and development processes of new products and features.
• Provide expert privacy compliance advice to stakeholders, especially new projects involving the use of personal data.
• Partner with stakeholders to align advanced technologies with Privacy by Design principles from the early stages of product development, undertaking privacy impact assessments.
• Implement and maintain data protection measures, including encryption, access controls, and data anonymization techniques to safeguard sensitive data.
• Participate in incident response efforts during data breaches or privacy incidents.
• Act as the main point-of-contact for all privacy-related matters escalated by stakeholders.
• Develop and enforce privacy policies, procedures and standards/guidelines that align with legal and regulatory requirements, including JDPA, GDPR, CCPA, and other applicable laws.
• Develop and oversee Privacy Impact Assessments (PIAs), data protection impact assessments (DPIAs), transfer impact assessments (TIAs) to identify and mitigate privacy risks associated with new projects and services.
• Assist in the development and execution of incident response plans related to data breaches or privacy incidents.
• Provide training to internal teams on privacy-related topics and changes in privacy regulations.
• Educate employees and end-users on best privacy practices, data handling, and security awareness.
• Continuously monitor and audit systems and processes for compliance with relevant privacy laws and industry standards.
• Identify opportunities for privacy enhancements and work on their implementation, taking a proactive approach to evolving privacy requirements.
• Proactively monitor and analyse evolving laws, rules, regulations and guidance to help Sagicor to maintain compliance and strategic alignment.
• Perform other job-related duties assigned from time to time.