Data Privacy and Enterprise Data Governance Risk Manager

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

Reporting to the Data Protection Manager, the Data Privacy and Enterprise Data Governance Risk Manager will support the TRM Department in providing L2 oversight of the organization’s Privacy and Enterprise Data Governance program.

JOB DESCRIPTION:
Data Privacy Risk
- Support the Data Protection Manager in the following tasks:
o Provide oversight on metrics reported and review materials to be presented by L1 Privacy team to various forums such as Risk Committee, Group, Local Tech Risk Forum

o Review and approve privacy assessments, including on new or changes to data processing activities, assessing and managing privacy risks associated with third parties (e.g. vendors, service providers, partners etc.)

o Perform contract review in relation to privacy clauses

o Contribute to development and implementation of incident response plans for privacy incidents and conduct data breach assessment

o Raise organizational awareness on risks relating to data privacy through training and awareness

o Provide oversight of business units in the management of privacy and data governance risks, including challenging risk assessments, controls and testing activities

o Provide oversight of audit related to data privacy domain and timely remediation by stakeholders

o Provide oversight and guidance to the organization’s privacy champion program, ensuring its effectiveness in promoting privacy awareness and compliance

o Design, implement and maintain local privacy policy, privacy not standard and procedures where required

o Support Global Privacy program and objectives

o Provide oversight on organizational compliance with local privacy regulation and Group Privacy Policy

o Monitor, develop and implement appropriate policies and procedures to ensure compliance with the Personal Data Protection Act (PDPA) and suitable to PACS’ needs.

o Handling and leading on the resolution of complaints or queries from the regulators (PDPC, MAS), public and internal stakeholders relating to PDPA matters.
- Stay up-to-date on evolving privacy regulations, conduct regulatory gap analysis, and provide guidance to the organization on adapting to new requirements
- Work closely with manager to achieve team and company objectives, including completing assigned tasks

Enterprise Data Governance (EDG) Risk
- Support the Data Protection Manager in the following tasks:
o Provide oversight on metrics reported and review materials to be presented by L1 EDG team to various forums such as Risk Committee, Group, Data Governance Committee

o Provide oversight on issues on Data Governance and Data Quality matters, including compliance with Group Data Policy

o Provide oversight on for audits related to Data Governance and Data Quality domains and timely remediation by stakeholders

Provide oversight of L1 EDG team and business units in the management of data governance risks, including challenging risk assessments, controls and testing activities

WHO WE LOOKING FOR:
Competencies & Personal Traits
- Driven and Self-initiated individual
- Strong stakeholder management
- Strong communication skills, ability to storyline and engage in focused discussions
- When empowered, not afraid to make decisions
- Operates effectively even when things are not completely certain

Working Experience
- 3-5 years’ experience in privacy and data governance risk management, compliance, or related field

Professional Qualifications and Technical Knowledge
- Knowledge on data governance and data quality management
- Understanding of local data privacy regulations, ideally with relevant privacy-related certifications (e.g. Practitioner Certificate in Personal Data Protection (Singapore), CIPM, CIPP/A)
- Experience in working in a diverse organisation and across front to back business processes

Education
- Degree holder of any business/ financial related discipline