Job Description

Overview

We are seeking a motivated and enthusiastic APAC Regional Privacy Officer to join SITA\xe2\x80\x99s Global Privacy Office. You\xe2\x80\x99ll be an experienced privacy professional looking to start the next chapter of your career somewhere challenging and exciting to work.
As the APAC Regional Privacy Officer, you will be the single point of contact (SPOC) for data privacy in the region, comfortable engaging and partnering with the GEO and business leadership and with their management teams as you drive and embed a positive privacy culture. With an excellent understanding of regional privacy laws and regulations, you will also collaborate with colleagues in Technology, Security, Legal and Procurement to identify what and how personal data is processed and transferred in region, helping align desired behaviors and practices consistently, while ensuring the business can meet customer requirements and best practice privacy.
As a trusted adviser and senior partner, you will work proactively with your stakeholders to gain a deep understanding of their business, ensuring that the privacy risk remains within acceptable limits and supports SITA\xe2\x80\x99s growth ambitions as you implement a robust data governance and monitoring regime. You will manage second line monitoring reviews and provide input in to both internal and external audit as required.
As part of a dynamic and growing international team you will contribute to the wider activities of the Global Privacy Office, bringing your own ideas and contributions as part of your on-going personal development.
What will you do?

• 
  Work with the Global Privacy Office to develop, maintain, and evolve SITA\xe2\x80\x99s privacy program including providing input into policy and guidance documents;
• Represent the Global Privacy Office in day-to-day activities with GEO leadership, business and other functional stakeholders to drive pragmatic privacy risk management, policy compliance, education and awareness to enable compliant growth in region;
• Develop and maintain an in depth understanding of GEO\xe2\x80\x99s processes, systems, technologies, data, customers, consumers, vendors, data flows and international transfers.
• Provide timely reporting and cascade of privacy risks to the CPO and appropriate committees;
• Execute privacy risk assessments for SITA products and services, documenting the supporting evidence and ensuring that there are robust audit trails;
• Evaluating the impact of contractual and regulatory privacy and security requirements on business practices, including supporting Legal and Business colleagues in commercial negotiations;
• Proactively identify areas of potential improvemens and facilitate mitigations to reduce privacy non-compliance;
• Horizon scan for privacy developments, such as new laws or regulatory guidance, and provide analysis and recommendations.
• Conduct second line monitoring reviews and control testing, providing input to the Global Privacy monitoring programme and supporting third line of defence activities.
• Regional privacy SME for incidents where there is a data privacy impact including post incident reviews;
• Act as the front door for external regional privacy regulatory/ customer enquiries and complaints, including data incidents/ breach notification at the direction of the CPO;
• Design, support and deliver privacy training and awareness in region and more broadly across SITA;
• Represent SITA externally in region at privacy events, conferences, client facing engagement, and industry forums;

Qualifications

Who you are

• 
  Minimum of 8 Years + demonstrable experience working at scale and at a senior level within a multinational environment as a privacy officer or in a comparable data compliance role;
• Robust knowledge of data compliance frameworks and design, execution and monitoring of associated compliance programs;
• Robust understanding of APAC regional data protection laws, standards and associated compliance requirements;
• Demonstrable experience of OneTrust or equivalent compliance platform;
• Ability to manage multiple priorities effectively and work independently whilst collaborating across competing stakeholders and teams;
• Ability to influence outcomes and at times without the express authority to meet objectives.
• Excellent and concise written and verbal communication skills with the ability to convey complex technical legal/privacy issues in simple terms;
• High level of interpersonal skills to interact with senior leaders and facilitate team interactions;
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker;
• Strong team player with a positive attitude, sense of humour and a desire to learn; and
• IAPP or similar recognised privacy accreditations preferred;