Manager, Data Ethics & Privacy
Role Overview
We are seeking a seasoned professional to join our organisation as a Manager, Data Ethics & Privacy within the Group Strategy & Innovation (GSI) function.
This role is responsible for safeguarding the organisation against data protection and privacy risks, while championing ethical data practices across the Group. The incumbent will play a critical role in ensuring compliance with applicable regulations, strengthening data protection frameworks, and fostering a culture of trust and accountability in the use of data.
The role requires close collaboration with cross-functional stakeholders to support business initiatives, ensuring that data privacy and ethical considerations are embedded from design through implementation.
Key Responsibilities
Data Privacy & Risk Management
- Oversee the effective management and protection of sensitive and personal data
- Advise stakeholders on data protection impact assessments (DPIA) and risk mitigation strategies
- Identify, assess, and manage data privacy risks associated with new initiatives and projects
Policy, Framework & Governance
- Develop, review, and enhance data protection and privacy frameworks, policies, and procedures
- Ensure alignment with evolving regulatory requirements, emerging technologies, and industry best practices
- Drive the implementation and continuous improvement of data privacy governance
Advisory & Subject Matter Expertise
- Act as a subject matter expert on data ethics and privacy matters
- Provide practical, outcome-focused advisory to business, technology, and control functions
- Support the integration of ethical considerations into data-driven initiatives
Stakeholder Engagement & Collaboration
- Build and maintain strong relationships with stakeholders across Legal, Compliance, Risk, Information Security, and Business teams
- Collaborate to ensure consistent application of data privacy and governance practices
Training, Awareness & Communication
- Develop and deliver training, awareness programmes, and communication materials on data privacy and ethics
- Promote employee understanding of data protection responsibilities and obligations
Regulatory Engagement
- Serve as a point of contact for regulatory and data protection authorities where required
- Support responses to regulatory enquiries, surveys, and consultations
Key Requirements
- Bachelor's degree, preferably in Law, Information Management, or related discipline
- Minimum 10 years of experience in data protection, privacy, compliance, or governance roles
- Strong knowledge of data protection laws and regulatory frameworks, particularly within Southeast Asia
- Proven experience in developing and implementing data protection compliance programmes
- Professional certifications such as CIPP, CIPM, or equivalent are highly advantageous
- Familiarity with technology environments, including cloud computing and emerging technologies (e.g., AI, open banking, blockchain) is a plus
- Prior experience in financial services, digital, or fintech industry is preferred
Key Competencies
- Strong expertise in data protection, privacy, and ethical governance
- Ability to translate regulatory requirements into practical business solutions
- Strong analytical and risk assessment capabilities
- Excellent stakeholder management and influencing skills
- Effective communication and presentation skills
- High level of integrity, professionalism, and attention to detail
- Strong collaboration and teamwork orientation
