Compliance Manager - Certification
LxT -
Mohandessin, GizaPosted 4 years ago25Applicants for1 open position
- 25Viewed
- 1In Consideration
- 1Not Selected
Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
Core Responsibilities *
- Compliance & Certification Providing and maintaining the necessary documentation to demonstrate compliance with the GDPR and ISO 27001:2013 including, but not limited to policies, procedures, templates, forms and ensuring that they are kept up to date.
- Building and maintaining the ISMS for ISO 27001:2013, along with all related activities that ensure the ongoing compliance to the standard.
- Fully responsible for the relevant internal audit sessions that will be held with all interested parties in compliance to ISO 27001:2013, as well as acting as the management representative in the Management Review meetings and with the external audit entities.
- Ensuring LxT is PCI DSS compliant, while also facilitating the external assessment done to certify the company on yearly basis.
- Informing and providing expert advice to all members of staff regarding their obligation to comply with the provisions of the GDPR and relevant local laws and regulations when processing personal data.
- Monitoring compliance with the GDPR and relevant local laws and regulations, and informing the stakeholders within the Company of any changes in a timely manner.
- Act as the single point of contact for the supervisory authority on issues relating to processing of personal data, and to consult with the supervisory authority, where necessary, on any other relevant personal data matters.
- Act as the main point of contact for employees and all data subjects, and will cooperate with all members of staff on matters of data protection.
- Ensures that training and awareness is available and delivered to all members of staff involved in the processing of personal data.
- Provides expert advice and guidance on the Data Protection Impact Assessment (DPIA), including performing or monitoring the performance of DPIAs against the requirements of GDPR Article 35.
- Develops the process and procedures for reporting personal data breaches and takes the necessary measures to inform the relevant stakeholders as provided by GDPR Article 33 and 55.
- Monitors compliance with the Data Protection Policy and any other internal documents relating to data protection.
- Creates inventories, holds and maintains registers of processing operations based on information provided to them by the departments within the Company which are responsible for the processing of personal data.
- Advises the Company regarding privacy notices to data subjects at the point of collection of their personal data, pursuant to GDPR Articles 13 - 15.
Job Requirements
- Intensive knowledge on ISO 27001:2013 and its requirements and related activities
- Deep knowledge of PCI DSS and all the main techniques for complying to its requirements.
- Clear awareness of document control and document management.
- Previous proven experience of passing external audit and certification processes in similar industries.
- Full awareness of the GDPR with all the relevant articles that serve the business nature
- Have extensive knowledge of compliance as a concept to commonly known standards and\or laws related to the business industry.
- Excellent customer service skills, strong organizational, interpersonal, verbal and written communication ability.
- Strong facilitation and presentation skills.
