Compliance and Data Privacy Officer
Detail posisi
The position implements and monitors Compliance and Data Privacy programs, as well as provides Compliance and Data Privacy support to the company and/or its parent company and affiliates. This role provides a complete array of Compliance and Data Privacy services, including drafting and monitoring policies, acting as the data protection officer (DPO) and advising business leaders and other company personnel.
Kewajiban
• Oversee and implement Compliance and Data Privacy programs and activities to ensure relevant laws, policies and procedures are followed, as well as provide relevant advice.
• Ensure the organization’s compliance with all applicable laws, including Thai and US compliance laws and regulations
• Develop, promote, implement and continuously update corporate compliance program in light of all applicable legal requirements
• Create, implement, monitor, review and update policies, procedures, manuals, guidelines, and tools related to Compliance and Data Privacy
• Assess risks and formulate risk management guidelines in compliance with relevant laws and regulations
• Formulate, manage and monitor Compliance-related systems and processes, including due diligence of third parties and pre-approvals of sensitive transactions
• Provide summary reports on compliance with the Anti-Corruption Policy and Business Conduct Policy
• Manage and consider resolution of Compliance and Data Privacy issues
• Follow up on laws and regulations to ensure compliance; stay current on operations initiatives, compliance/regulatory concerns, and other changes in the industry
• Act as the responsible data privacy officer with responsibilities including:
• fulfilling the tasks and responsibilities of the Data Protection Officer as defined by the PDPA
• ensuring and maintaining compliance with data privacy laws, including conducting data privacy assessments, identifying vulnerabilities and risks, and suggesting actionable remedies
• maintaining Record of Processing Activities (ROPA)
• providing guidance and advice regarding data privacy and personal data protection, reviewing relevant contract conditions, and auditing operations related to personal data
• serving as the primary point of contact with stakeholders and regulatory authorities on data privacy; handling enquiries from data subjects on data privacy issues
• providing consultation on personal data incidents
• preparing PDPA and data privacy update reports
• keeping up to date with developments of data protection laws and regulations
• Promote a culture of compliance; develop and roll out Compliance and Data Privacy awareness campaigns and trainings, e.g., designing e-learning, preparing materials and conducting trainings
Kualifikasi
• Bachelor’s degree or higher in laws, Accounting, Finance, or related fields
• Minimum of 7 years of PQE in the compliance field with work experience in data privacy. Experience as the DPO is advantageous.
• Working knowledge of and experience with FCPA an advantage
• Excellent communication skills (speaking, writing, listening)