About Us
Pacific Centrecom (Fiji) Limited is a joint venture organization that draws together the talents of Fiji Airways and the global expertise of a well-respected international partner to provide outsourcing contact centre and back-office services to both local and international clients 24/7.
The Role - Data Protection Officer (Suva)
We are looking for a Data Protection Officer to help that all of our data and our customers’ data are protected and that our work complies with data protection legislation.
Key Responsibilities:
Working as part of a vibrant and cohesive IT team, you will be responsible for and not limited to:
1. Monitoring Compliance
- Ensure the organization complies with relevant data protection laws and regulations, such as GDPR.
- Monitor internal data processing activities to ensure that personal data is handled legally and ethically.
- Advise and guide the organization on necessary compliance measures to mitigate risks.
2. Data Protection Impact Assessments (DPIAs)
- Lead and oversee Data Protection Impact Assessments (DPIAs) when the organization undertakes new data processing activities or launches new products/services.
- Identify potential privacy risks in projects and recommend mitigating actions to ensure compliance.
3. Advising on Data Protection Policies
- Provide expert advice on the development and implementation of data protection policies, including data retention, access control, and security protocols.
- Ensure that policies are communicated to staff and integrated into everyday practices.
4. Training and Awareness
- Conduct data protection training and awareness programs for employees to ensure that everyone understands their responsibilities when handling personal data.
- Foster a data protection culture within the organization.
5. Acting as a Point of Contact
- Serve as the primary contact point for data subjects (customers, employees, or third parties) regarding any issues related to personal data processing, including data access requests or complaints.
- Liaise with supervisory authorities (such as the Information Commissioner’s Office or ICO) on data protection matters, including breach reporting.
6. Handling Data Breaches
- Oversee and manage the response to data breaches, ensuring they are promptly reported to the relevant regulatory authorities (within 72 hours under GDPR) and communicated to affected individuals when necessary.
- Lead the investigation, remediation, and reporting efforts following any data breach.
7. Maintaining Records of Processing Activities (ROPA)
- Maintain comprehensive records of all personal data processing activities within the organization, including the purposes of processing, categories of data subjects, and data storage locations.
- Ensure that these records are kept up to date and are available to supervisory authorities upon request.
8. Data Subject Rights Management
- Oversee the processes for handling data subject requests, such as:
- Right to access data
- Right to rectification
- Right to erasure (the right to be forgotten)
- Right to data portability
- Right to object to data processing
- Right to restrict processing
9. Collaboration with Other Departments
- Work closely with IT, legal, HR, and other departments to ensure that data protection considerations are integrated into all business processes.
- Collaborate with information security teams to ensure the organization's IT systems have the necessary technical and organizational measures in place to protect personal data.
10. Risk Management
- Identify and assess potential data protection risks in the organization’s processes and systems.
- Recommend and oversee the implementation of controls and procedures to mitigate these risks.
11. Reporting to Senior Management
- Regularly report to senior management on the organization's compliance status, data protection issues, and any incidents or breaches.
- Provide strategic advice on how to improve the organization's data protection frameworks and strategies.
12. Data Protection Strategy Development
- Develop and maintain the organization's long-term data protection strategy.
- Ensure that the organization’s data protection practices align with future legal developments, technological advancements, and business growth.
Qualification & Experiences
- Bachelor’s degree (or equivalent) in computer science or related field
- Proficiency with software for preparing reports and presentations
- Three or more years of experience in data protection, compliance or related field
- Expertise in data protection laws and practices, including deep understanding of GDPR
- Experience in a legal, audit, or risk management role
- A solid understanding of data security principles, encryption, and cybersecurity measures to protect personal data.
- The ability to understand the technical aspects of data breaches, detect vulnerabilities, and recommend appropriate responses.
- Experience in conducting risk assessments, particularly Data Protection Impact Assessments (DPIAs), to identify and mitigate privacy risks.
- Strong ability to communicate with staff at all levels, including senior management, IT teams, and legal departments, to ensure data protection policies are understood and followed.
- The ability to conduct training sessions and awareness campaigns to educate employees about data protection responsibilities.
- Strong project management skills
- Ability to work effectively under pressure and to manage sensitive and confidential information
- Excellent verbal and written communication skills, with strong attention to detail.
Remuneration and Benefits
- A secure career with a strong fast-growing company
- Competitive salary package
- Medical Insurance
- Outsourced counselling service
- Access to discounted travel
- Ongoing career development and training
- Work in a fun and supportive team
Application Process
If you feel this is what you have been in search of, then send your applications with curriculum vitae outlining qualifications, relevant experience, and phone contact with the subject “Data Protection Officer - Suva” to vacancy@centrecom.com.fj
Applications close on: Sunday 13th October 2024