Role Purpose

The Privacy Specialist will be responsible for supporting the day-to-day effective implementation of privacy policy controls within the company and its subsidiaries.

The role focuses on ensuring that privacy requirements are properly embedded across products, services, operations, data processing activities, and business processes in line with the company’s Privacy Management Policy and applicable data protection requirements.

Key Responsibilities

The Privacy Specialist will be responsible for:

• Ensuring completion of Privacy Impact Assessments (PIAs) across all products, services, and operational development processes before launch.
• Conducting assessments and re-assessments of existing high-risk, medium-risk, and low-risk products and processes from time to time.
• Supporting the implementation of Security and Privacy by Design and Assurance (SPDA).
• Preparing and submitting cross-border data transfer permit applications to the Personal Data Protection Commission (PDPC), including all required documentation.
• Maintaining a tracker for PIAs, DPIAs, and data transfer applications, including completion status and risk assessments.
• Tracking, ensuring, and maintaining the implementation status of all privacy controls required under the Privacy Management Policy.
• Ensuring all ad-hoc data requests for analytics and testing from the business are channelled to the Privacy team for assessment, PIA review, and approval.
• Ensuring the implementation of the Personal Data Processing Register (PDPR).
• Ensuring timely responses to operational privacy-related queries and communications received from across the business, both internally and externally.
• Carrying out any other duties as may be assigned by the company.

Qualifications, Core Competencies, Knowledge, and Working Experience

Applicants should possess the following qualifications, skills, and experience:

• Bachelor of Science Degree in Telecommunications, Information Security, Cyber Security, Information Technology, or Computer Science.
• A degree or diploma in Law will be an added advantage.
• Outstanding ability to apply knowledge of Information Technology.
• High level of computer literacy, with exceptional proficiency in Microsoft Word and Excel.
• Excellent interpersonal skills with a customer- and business-oriented approach.
• Strong communication skills.
• Fluency in English and Kiswahili.
• Ability to interact effectively with other team members.
• Knowledge of common technology management and compliance frameworks, including:
  • ISO/IEC 27001
  • SOC 2
  • SOX
  • ITIL
  • COBIT
  • King IV
  • NIST
• Experience working on complex technical projects will be an added advantage.
• A reputation for self-motivation, integrity, cultural sensitivity, and strong interpersonal skills.
• Ability to communicate complex technical information clearly to non-technical business units.

• Ensuring completion of Privacy Impact Assessments (PIAs) across all products, services, and operational development processes before launch.
• Conducting assessments and re-assessments of existing high-risk, medium-risk, and low-risk products and processes from time to time.
• Supporting the implementation of Security and Privacy by Design and Assurance (SPDA).
• Preparing and submitting cross-border data transfer permit applications to the Personal Data Protection Commission (PDPC), including all required documentation.
• Maintaining a tracker for PIAs, DPIAs, and data transfer applications, including completion status and risk assessments.
• Tracking, ensuring, and maintaining the implementation status of all privacy controls required under the Privacy Management Policy.
• Ensuring all ad-hoc data requests for analytics and testing from the business are channelled to the Privacy team for assessment, PIA review, and approval.
• Ensuring the implementation of the Personal Data Processing Register (PDPR).
• Ensuring timely responses to operational privacy-related queries and communications received from across the business, both internally and externally.
• Carrying out any other duties as may be assigned by the company.

• Outstanding ability to apply knowledge of Information Technology.
• High level of computer literacy, with exceptional proficiency in Microsoft Word and Excel.
• Excellent interpersonal skills with a customer- and business-oriented approach.
• Strong communication skills.
• Fluency in English and Kiswahili.
• Ability to interact effectively with other team members.
• Knowledge of common technology management and compliance frameworks, including: ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, King IV, NIST.
• Ability to communicate complex technical information clearly to non-technical business units.

• Bachelor of Science Degree in Telecommunications, Information Security, Cyber Security, Information Technology, or Computer Science.
• A degree or diploma in Law will be an added advantage.
• Experience working on complex technical projects will be an added advantage.
• A reputation for self-motivation, integrity, cultural sensitivity, and strong interpersonal skills.