Responsibilities:
- ROPA Management: Lead and cooperation with stakeholders of the creation and maintenance of Records of Processing Activities (ROPAs) to ensure PDPA compliance.
- Data Risk Management: Collaborate with Process Owners and Data Risk Owners to identify, assess, and mitigate data risks, including those related to operations, IT, security, and data quality.
- ROPA & Data Risk Tool: Lead the implementation and development of tools for ROPA and data risk management.
- Metadata Analysis: Be a key team of the metadata governance to analyze the metadata and ensure the completion and accuracy of it.
- Data Quality Analysis: Be a key team of the data quality governance to analyze the data quality performance and collaborate with relevant stakeholders for the data quality risk management and improvement.
Core Activities:
- Analyze ROPAs, data processing requirements, and existing controls to pinpoint policy gaps.
- Identify and evaluate the potential risks and impacts of data processing activities.
- Provide expert guidance to stakeholders on risk assessment, mitigation strategies, and issue resolution.
Experience and Skills
- Data Governance Expertise: Proven experience in a data governance, data protection, or data privacy role. An understanding of core data governance principles and best practices is preferable.
One or more of the following experiences are preferable; IT audit, data management, data analytics, project risk management, IT risk management, IT security risk management, and project management
- Regulatory Knowledge: Knowledge of data protection regulations, specifically the PDPA (Personal Data Protection Act) and its application in a business environment.
- Risk Management: Hands-on experience in identifying, assessing, and mitigating various types of data-related risks, including operational, IT, security, and data quality risks.
- Project Leadership: Experience leading or managing projects, particularly those involving cross-functional teams and senior stakeholders. This role requires someone who can drive initiatives from start to finish.
- Technical Acumen: Familiarity with tools and technologies used for ROPA and data risk management. Experience with tool implementation or development is a plus.
- Analytical Skills: Strong analytical abilities to review complex documents (like ROPAs), identify gaps, and propose effective solutions. Ability to use a data analytics tool or Python, R, SQL programming is a significant plus.
Requirement
- Bachelor&aposs or higher in Computer Science, Computer Engineering, MIS, or a related field.
- 3 - 5 years in a services organization with one or more of following preferable experiences; IT audit, data management, data analytics, project risk management, IT risk management, IT security risk management, ROPA and DPIA according to PDPA.
- Proven experience in IT project management, data/IT governance and compliance, IT audit, data security, or similar data management/analytics roles.
- Familiarity with data governance or data management at a technical level (e.g., Data Architecture, Data Modeling, Data Operations, Data Security) is a plus.
- Experience in banking or financial services is preferred.
- Understanding of BOT Data Governance Guidelines, ISO27001, PDPA, and industry best practices for Data Governance and Data Management Models.
- Familiarity with leading Data Catalog, Data Quality, and Metadata Management practices.
- Knowledge of data protection, regulatory requirements, and emerging data trends.
- Excellent communication and presentation skills.
- Strong teamwork, collaboration, and problem-solving abilities.
- A proactive, can-do attitude.
