Head of Governance

• Monitor compliance with the Cyber and Data Protection Act, S.I. 155 of 2024, and organizational data protection policies.
• Manage internal data protection activities.
• Raise awareness on data protection across the organization.
• Train staff on data protection and privacy obligations.
• Conduct internal compliance audits on data protection practices.
• Manage requests from the Data Protection Authority and data subjects.
• Advise employees on their obligations under the Act and regulations.
• Advise on and monitor Data Protection Impact Assessments (DPIAs).
• Work with the Data Protection Authority in relation to the organization’s compliance obligations.
• Function as the contact point for data subjects regarding the processing of their personal data.
• Develop and review organizational data protection policies and procedures.
• Prepare compliance reports for senior management and regulators.
• Respond to data breaches and coordinate incident management procedures.
• Ensure data subjects’ rights (access, rectification, erasure, objection) are facilitated in line with the law.
• Oversee data retention and secure disposal practices.
• Promote a culture of accountability, confidentiality, and data ethics within the organization.

Qualifications, Skills, and experience Required.

• Minimum 5 years of experience in data protection, compliance, or a related field.
• Bachelor’s Degree in a related field (data science, data analytics, information security systems, information systems audit, law, audit or any other relevant qualification.
• Certified Data Protection Officer (POTRAZ) (mandatory) and other relevant certifications (optional).
• Strong knowledge of Zimbabwe data protection laws and regulations, the GDPR and other laws with an extraterritorial effect. Understanding of the data controller’s business operations and processing activities.
• Excellent leadership, communication, and project management skills