Jubilee Insurance Data Protection Officer - Jobs in Kenya

Jubilee Insurance Data Protection Officer - Jobs in Kenya

Job Ref. No. JLIL094
Position: Data Protection Officer
Employment Terms: Permanent and Pensionable

Jubilee Insurance was established in August 1937, as the first locally incorporated Insurance Company based in
Mombasa. Jubilee Insurance has spread its sphere of influence throughout the region to become the largest Composite
insurer in East Africa, handling Life, Pensions, General and Medical Insurance. Today, Jubilee is the number one insurer
in East Africa with over 450,000 clients.

Jubilee Insurance has a network of offices in Kenya, Uganda, Tanzania, Burundi, and Mauritius. It is the only ISO certified insurance group listed on the three East Africa stock exchanges – The Nairobi Securities Exchange (NSE), Dar es Salaam Stock Exchange and Uganda Securities Exchange. Its regional offices are highly rated on leadership, quality and risk management and have been awarded an AA- in Kenya and Uganda, and an A+ in Tanzania. For more information, visit www.JubileeInsurance.com.

We currently have an exciting career opportunity for a Data Protection Officer. The position holder will report to the
Regional Compliance Manager and will be based at the Head office in Nairobi.


Role Purpose

The purpose of this role is to establish, implement and enforce a robust Data Protection and compliance framework and
systems (policies, processes, and tools) so as to ensure that Jubilee Insurance companies are compliant with the Data
Protection Act and Regulations.


Main Responsibilities

Establishing the Data Protection Act Governance, regulatory framework and implementation plan which shall include
development of the various required statements and policies.

Guiding the various Companies, their departments, and all support functions on implementation of Data Protection
Act 2019 requirements and supporting them to ensure compliance with the Act.

Regularly training of all internal stakeholders involved in data collection/processing, updating the training as well as conducting specific trainings for specific processing requirements.

Conducting audits to ensure compliance, accountability and address potential issues proactively.

Serving as the Data Protection Officer and point of contact between the Companies, the Data Commissioner and
other Regulatory Authorities and co-operating with them during inspections by answering any complaints or queries
raised with regards to Data Protection.

Monitoring performance and adherence to the requirements of the regulation while providing advice on the data
protection impact assessment.

Creating and maintaining a register on comprehensive records of all data processing activities conducted by the
company, including the purposes of all processing activities, which must be made public on request.

Interfacing with data controllers, data processors and data subjects to inform them about the use of data, the data
protection rights, obligations, responsibilities, measures the companies and support functions have put in place to
protect personal and/or sensitive information and raise awareness on all of the above.

Advising and recommending to the institutions/support functions and their employees on the interpretation and/or
application of the Data Protection Act or any other written law on data privacy.

Handling queries or complaints internally or externally regarding data confidentiality and use.

Providing status updates to the Head of Compliance, Senior and Middle Management on a regular basis (at least
monthly) and drawing immediate attention to any failure to comply with the applicable data protection
requirements.

Data Protection Regulations:

Developing together with the business and support functions, carrying out impact
assessments, data protection policies, guidelines, and processes to ensure that compliance is consistent and in line
with the Data Protection Act.

Creating an Information Base: Guide and support on the creation of an information base on Data Protection and any
other elements which may be helpful to the controllers and the staff of the organization.

Relationship Building: Build a stable professional relationship with data controllers providing advice where necessary
and investing time and efforts in showing the benefits of data protection compliance.

Support the business in preparation of digital and other privacy statements as may be required for the institutions
and supporting functions and ensure processes are put in place for the institutions/support functions to collect
consents from the relevant data subjects and partners, have relevant privacy statements provided on all company
forms and/or literature, websites and other communication or data collection mediums.

Preparing an annual work programme at the beginning of each year for the upcoming year for the sign off by the
institution.

Networking with other Data Protection Officers to share information and keep up with information and emerging
trends around data protection as well as following up on change in laws and make recommendations on changes
required.


Key Competencies

Expertise in data protection law and practice

A complete understanding of the company’s IT infrastructure, technology, technical and organizational structure.

Experience and knowledge of the organization’s data processing operations and the level of data protection
required for what is processed.

Should be both reliable and independent, with no prior commitments that would interfere with the
monitoring responsibilities of the Data Protection Officer.

Should have excellent management skills and be able to interface easily with both internal staff at all levels and
outside authorities.

Personal skills: integrity, initiative, organization, perseverance, discretion, ability to assert himself/herself
in difficult circumstances, interest in data protection and motivation to be a Data Protection Officer.

Interpersonal skills: Communication, Negotiation, Conflict Resolution and Ability to build working
relationships.


Qualifications

Bachelor of Laws or any other related field

Para Legal Diploma from Kenya School of Law

Privacy Professional Certifications provided by the International Association of Privacy Professionals (IAPP) such as
Certified Information Privacy Professional (CIPP), Certified Information Privacy Professional/Information Technology (CIPP/IT).


Relevant Experience

Minimum of 3 years’ experience working in a mid-management level in a compliance/audits environment within the financial services industry preferably in the insurance or banking industry.

If you are qualified and seeking an exciting new challenge, please apply via Recruitment@jubileekenya.com quoting the Job Reference Number and Position by 7th September 2022

Only shortlisted candidates will be contacted


How to apply
For more information and job application details, see; Jubilee Insurance Data Protection Officer Jobs in Kenya

Find daily jobs in Kenya. Jobs - Kenya jobs. Search our career portal & find the latest Kenyan job positions, career opportunities & jobs in Kenya.

Jobs in Kenya - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in Kenya.

Find your dream job from 1000s of vacancies in Kenya posted and updated daily - click here!