Privacy Officer
Cape Town
DigiOutsource
We bring passionate people and innovative tech together to create market-leading online gaming solutions.Kick-start your career in the online gaming world and experience the very latest in technology and innovation.
The Department:
The Data Privacy team will sit under the Group Legal department, ultimately reporting into the Group General Counsel, and is responsible for ensuring compliance with global Data Privacy Regulations across the Super Group. We identify risks associated with Data Privacy Regulations across the Group and advise the business on appropriate controls to effectively treat those risks. We always put data protection compliance first to help the business design and implement controls to protect the brand from those risks and provide testing and monitoring capabilities to report on the effectiveness of these controls to senior management. We take a pragmatic approach to risk management ensuring that inherent risks are managed effectively to facilitate the business’ commercial objectives with innovative solutions in the spirit that “Everything is possible”.
Super Group aims to deliver “crystal clear compliance”, including Data Protection and Privacy, in an open and transparent manner whilst striving to be technologically innovative and leaders, rather than followers, in the online
gambling industry. In keeping with this, we ensure that the controls we implement are automated, as much as possible, and service the needs of the business by facilitating growth in a timely manner in a rapidly changing, fastpaced
and complex, challenging working environment.
The Data Privacy team is customer focussed and is here to protect our customers, and employees as well as to make decisions, give advice and deliver a service that protects and enhances the reputation of the company. Our work
requires vigilance, understanding, empathy and brand integrity along with a focus on the bottom line. We use the latest technologies to support us as much as possible, to aid the business in its core objectives.
Purpose of the role:
The Privacy Officer (Advisory) will support the delivery of the privacy programme across Super Group’s global business, as well as developing and promoting good personal data governance and a privacy-first culture within the business. They will support the Privacy Manager(s) in providing advisory services to nominated Group entities. They may also act as the Lead Advisor to specific entities, liaising with relevant key stakeholders and being actively involved in reporting to and advising the related Boards of Directors and Executive Committees for those entities as appropriate. They will be directly responsible for ensuring that advice and support to the business is provided in a pragmatic, timely and consistent manner not only to these nominated entities but across all group entities supported by the Privacy team as required. They will ensure that regular activity reports are provided to the Privacy Manager and that any required escalations to the Group Data Protection Officer are made in a timely manner.
You will be responsible for:
Supporting the Privacy Manager(s) on providing advice and support to nominated Super Group / SGHC entities,
liaising with relevant stakeholders across the business as appropriate
Representing the Group Privacy Team at relevant nominated entities’ Committees and Board Meetings as
appropriate
Supporting other members of the Privacy Advisory team in providing services to their nominated entities as
required to ensure timely and consistent services are provided across the Group
Providing input to the development of Group-wide Privacy Frameworks, Policies, Procedures and Processes
Monitoring compliance with the EU / UK GDPR, PECR and any other relevant data protection laws
Providing input to the development, review and oversight of appropriate Group-wide policies and procedures for data privacy
Provide support in ensuring privacy programme processes and procedures are established and adhered to across all brands, jurisdictions and offices
Providing expert input into projects with regulatory impacts
Creating and maintaining internal records and logs of control status, overall compliance levels, consent management and Records of Processing Activities
Supporting the Privacy Manager(s) in ensuring that the nominated entities’ Register of Processing Activities are reviewed and updated on a regular basis
Providing the business with commercially aware advice and support on data protection, based on expert knowledge and empirical evidence
Being a key stakeholder and advisor in business wide projects
Maintaining an expert knowledge of data protection legislation, regulations and best practice
Maintaining strong knowledge of regulatory frameworks and risk treatment and mitigation strategies
Supporting and advising the IT/IS teams to ensure we meet requirements of Article 32 of GDPR
Providing support in ensuring that privacy related training and awareness is maintained across the business
Providing expert input into the development of strategies and relationships to mitigate the risk of data processors employed by SGHC companies
Reviewing and advising on privacy impact assessments to ensure privacy by design and privacy by default
Being an escalation point for any security incidents affecting personal data
Being a proactive advocate and brand ambassador of the Privacy Programme across the business and push for the delivery of its objectives, through training enhancements and privacy framework enhancements
Assisting in ad hoc duties as and when required
This job description is not intended to be an exhaustive list of responsibilities. The job holder may be required to complete any other reasonable duties in order to achieve business objectives.
You will have (Essential criteria):
Minimum of 3 years’ experience in a data protection role
Previous experience in a privacy role in a multinational or global organisation (ideally for a predominantly online
B2C business) Exceptional attention to detail & accuracy in all aspects of the role in high pressure and time constrained working environments
Ability to create and document operational processes and procedures
Experience in monitoring data protection controls and identification of risks
Track record of delivering on a range of privacy programmes within a commercial environment
Demonstrable experience developing, and delivering on, a strategic plan
Experience in managing and reporting data breaches / incidents, and advising on remedial action
Exceptional communication and influencing skills and ability to act as advocate for establishing the privacy programme throughout the business
Knowledge of the Information Security or Cyber Security domains, whilst always putting Privacy first
Proven ability to interface professionally and effectively with regulators, legal advisors & external companies
Ability to provide commercially astute risked-based advice and recommendations for business
Good working knowledge of industry standards such as ISO27001, NIST and SANS
Privacy qualifications such as the CIPP/E and/or CIPM
It would be a bonus if you also have (Desirable skills):
Strong knowledge of the online gambling industry
Experience running a Working Group or Committee
Good understanding of project and programme methodologies such as Prince2 and Agile
Experience reviewing contracts
Knowledge of wider regulatory requirements such as gambling regulation and money laundering
Knowledge of auditing frameworks and international standards, such as ISO 27001 and PCI DSS
Media trained and comfortable representing the business at external events
Strong project management skills
Ability to work effectively under pressure and to manage sensitive and confidential information
Personal qualities:
Results driven
Collaborative approach to work
Flexible and creative approach to problem solving
Willingness to learn and develop
Resilient and assertive
Energetic and personable
*Please note we will apply relevance to our Talent Management and Talent Development Programme as part of our recruitment process.
*Shortlisted candidates may need to complete an assessment.
This position requires trust and honesty it has access to customers financial details - therefore a credit and criminal record check will be conducted. The qualifications identified herein are an inherent job requirement; therefore, a qualification verification check will be done. By applying for this role, and supplying the necessary details, you hereby grant us permission to apply for these checks. This will be done in a confidential manner, and solely for the purposes of verification.
Should you not hear from us within 2 weeks, please deem your application as unsuccessful.
The perfect place to work, play and grow!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Audits CIPP Compliance GDPR Governance ISO 27001 Monitoring NIST PCI DSS Privacy Risk management SANS
Perks/benefits: Career development Flex hours Startup environment Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.