Senior Information Officer - DISCOVERY LTD - Sandton

Senior Information Officer Business Unit: Vitality RSA Function: Information Security Date: 20 Mar 2024 Discovery - Vitality RSA Senior Information Officer About Discovery Discovery's core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society. About Vitality RSA Risk & Analytics The Vitality Risk and Analytics department assumes responsibility for data, analytics, actuarial science, data science, and risk management within the Vitality organization. As a data-centric entity, this department plays a pivotal role in facilitating data-driven solutions and problem-solving, effectively serving as the custodian of excellence in data-driven practices. Key Purpose The Senior Information Officer plays a crucial role in ensuring compliance with information-related regulations. The Senior Information Officer position enables Vitality to fulfil its mandates related to the Promotion of Access to Information Act (PAIA) and POPIA. The Senior Information Officer provides strategic leadership to ensure adherence to the policies pertaining to Information Management, Governance and Security. The role is responsible for providing strategic and tactical support to the business and direct operational management of governance requirements, through the effective delivery of initiatives whilst supporting the organisation's objectives. Areas of responsibility may include but not limited to Assesses Documenting current baseline of Privacy Program Identifying Privacy Obligations and addressing Risks (CRMP) Reviewing and identifying Policies and Procedures in place. Conducting Data Privacy Impact Assessments (DPIA) Conducting assessment of Processors & 3rd Party Vendors, as well as a physical assessment Assessing Mergers; Acquisitions & Divestitures Responds to: Incidents, breaches, Data Subject Access requests (DSARS), as well as Information Regulator requests Protection of: Data Life Cycle Information Security Practices Privacy by Design Integrate Privacy Requirements & representation into functional areas across the organization. Sustain Practices: Measuring effectiveness Aligning to relevant policies and procedures Continuous Monitoring of internal attestation, access controls Auditing Communication - Training & Awareness Continuous Maintenance and Improvement of the Privacy Program Regularly holding and attending Privacy Officer meetings, Information Governance/Incident Review/Group Privacy Forums, or related Group Meetings (on a weekly, bi-weekly and monthly basis) Compiling reports pertaining to data information privacy Personal Attributes and Skills Competencies: Drives Results Values Driven Optimistic Learns on the Fly Resilient Instils Trust People Savvy Drives Results Problem Solver Behavioural Attributes: Self-starter Organisational skills Excellent communication skills Critical and strategic thinker Excellent interpersonal & relationship building skills. Ability to work under pressure and manage multiple stakeholders. Qualifications, Technical Skills & Required Work Experience Qualification: Professional Membership with International Association of Privacy Professionals (IAPP) or equivalent organisation. Advantageous: IAAPP Membership Privacy management certification e.g. Certified Information Privacy Management (CIPM) and/or Certified Information Privacy Professional (CIPP) and/or Work Experience: Solid knowledge and understanding of Vitality RSA as an organisation in alignment governance component. Working knowledge of and experience of Information Privacy, Security and Governance In depth knowledge and understanding of Information Technology, Governance and Security Advantageous: Management/leadership experience within large complex corporate environments 5 years of relevant work experience in two or more of the following areas: Information Governance Privacy Management and Privacy Legislation Project Management (following up on tasks/issues/incidents) Technical Skills Understand the different business functions - have a broad exposure to business areas. Ability to work under extreme pressure and take the lead in crisis management situations with organization-wide impact. Excellent written and oral presentation skills, ability to lead discussions and present complex ideas to all levels within the organization. Interpersonal skills - Ability to easily build relationships. Champion for ethical use of data Understanding of storing and protecting data. Good understanding of how to manage Privacy Risks. Leading Privacy Steercom, PIA Reviews. Regularly training staff on Information Privacy Know who to contact to resolve incidents, breaches, and IR requests. Advantageous: Legal expertise EMPLOYMENT EQUITY The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply. Apply Now

Share this job with someone you think should apply!

Facebook

Senior Information Officer - Sandton

Related Jobs

Information Security Specialist - Johannesburg

Information Security Analyst - Roodepoort

Information Security Analyst Roodepoort - Roodepoort

Information Security Officer Edenvale - Edenvale

Information Security Engineer Johannesburg - Johannesburg

Want to do another search?