About Us
DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services, and digital services holdings in Thailand and ASEAN.
As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, DATAx is the technology company to centralize data and provide AI and data science services and products to the group.
With a leading-edge cloud-native data & AI platform, our vision is to support the group to provide everyone in our region with the opportunity to prosper.
We work on forward-thinking challenges of centralizing, analyzing, and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.
About Team & Position
At DATAx, we are committed to ensuring that all of our customers data is protected and that our work complies with data protection legislation. We're seeking a Data Protection member to help us improve our management of potentially sensitive information, carry out regular monitoring, and act as the main point of contact between DATAx, SCBX group and the data protection authorities.
In this role, your main task is to provide privacy professional support, advice, and guidance to the business units regarding drive decisions balancing cost and benefits after developing all potential options for data security, privacy-enhancing technologies (PETs), and automation. Adept at implementing market-leading privacy tools, automating manual processes, and handling personal data with meticulous attention to compliance and risk management. Skilled in validating AI models to mitigate privacy risks, performing audits and executing general Data Protection Officer (DPO) tasks. Committed to staying ahead of industry trends and advancing privacy solutions to protect organizational and customer data.
Your Responsibility
- Develop and review a Data Protection Management Programme (DPMP) that covers policy, processes, procedures, and people for the handling of personal data at each stage of the data lifecycle.
- Maintain records of processing activities (RoPA) and support the completion of Legitimate Interest Assessments (LIAs).
- Offer expert privacy technology consultation to ensure compliance, introduce advanced privacy technologies, and enhance data usage and visibility for DATAx, while coordinating and implementing these strategies across all SCBx subsidiaries.
- Conducted privacy impact assessments for projects like cloud services and AI models, offering actionable solutions to mitigate risks. Collaborated with business and tech teams to ensure privacy by design in SDLC, infrastructure, and data analytics.
- Coordinated personal data breach investigations, collaborating with business, IT, and Information Security teams to swiftly address issues, diagnose causes, and develop remediation actions.
- Led the implementation and optimization of privacy tools and automation projects, replacing manual operations to enhance compliance, streamline data handling, monitoring, reporting, and improve efficiency.
- Managed personal data handling practices, ensuring adherence to regulatory standards and best practices.
- Performed comprehensive audits and risk assessments to identify vulnerabilities and recommend improvements.
- Keep abreast of changes in law and technology that may change the threat landscape and, as a result, change DATAx's exposure to risk. Stay updated with the latest advancements in technology and privacy to continuously improve and innovate privacy processes.
- Stay updated on legal and technological changes that could affect DATAx and SCBx group's risk exposure, and continuously improve privacy processes using the latest advancements.
Qualifications:
- Bachelor's or master's degree in IT, Security, Law or related fields.
- Demonstrated technical and/or legal expertise on data protection and privacy
- Proficient in techniques such as data classification, encryption, and anonymization.
- Ability to communicate complex privacy-related concepts and requirements in simple terms, including being able to translate regulator recommendations into internal guidelines and other documentation
- Extensive experience with data protection technologies, cybersecurity and modern systems architectures, including cloud services.
- Ability to design and implement automated privacy solutions using platform (e.g. RPA, Python Scripting, MS workflow, BI).
- Competence in safeguarding privacy by validating models throughout their entire lifecycle.
- Ability to work with cutting-edge technologies and innovative solutions, with an awareness of the benefits and challenges posed by emerging technologies.
- Exceptional research abilities, verbal and written communication skills, and strong analytical and problem-solving capabilities.
- Experience in IT PM, risk, compliance and audit is advantage.
