Data Protection & Compliance Support Officer

The Data Protection and Compliance Support Officer's responsibilities include:

• Advising on the Hudson Group’s compliance with GDPR and local data protection laws in the countries that the Group operates in,
• Monitoring the Group’s compliance with the applicable Data Protection standards and acting as a point of contact with supervisory authorities and data subjects.
• Creating policies that enforce compliance with legislation and deliver Data Protection training sessions to staff to increase awareness of data protection measures.
• Assisting the Finance Team with compilation and submission of KYC requests by banks and other regulated entities;
• Performing the client onboarding for wholesale clients in coordination with the wholesale team.

Duties and Responsibilites

• Identify and evaluate the Group’s data processing activities.
• In respect of the European operations, inform and advise the Group of its compliance obligations under the GDPR;
• In respect of the African operations, liaise with in house and/or external counsel in country to inform and advise the Group of its compliance obligations under the respective data protection laws.
• Provide guidance, oversight and challenge on all aspects of data protection & other privacy and compliance matters.
• Act as a point of contact on data protection matters for internal teams.
• Conduct and/or coordinate the conduct of the Data Protection Impact Assessments (DPIAs) or equivalent in country.
• Monitor data management procedures and compliance within the company.
• Participate in meetings with managers to ensure privacy by design at all levels.
• Maintain records of processing operations.
• Ensure the Group addresses all queries from data subjects within legal timeframes.
• Liaise with other organizations that process data on the Group’s behalf;
• Write and update detailed guidance documents on data protection policies;
• Perform audits and determine whether we need to alter the Group’s procedures to comply with regulations.
• Provide and/or arrange for training on applicable data protection compliance for employees
• Advise on relevant procedure to deal with privacy breaches
• Follow up with changes in law and issue recommendations to ensure compliance;
• Compiling documents and forms in response to KYC requests including by

Requirements

• MQF Level 6 Degree in Law or in a compliance related subject
• Comprehensive knowledge and experience of Data Privacy and Information Governance and a working knowledge of the applicable laws.
• Good knowledge of corporate structures and basic understanding of AML/FT policies and procedures.

 Skills

• Able to balance technical knowledge with wider business considerations, and work collaboratively to formulate a pragmatic, risk-based solution.
• Familiar with IT/Cyber security methodologies.
• Ability to handle confidential information.
• Ethical, with the ability to remain impartial and report all non-compliances.
• Superior organizational skills with attention to detail.
• Good level of spoken and written Maltese and English, French is optional but considered an asset.

Key Performance Indicators (KPIs)

• GDPR Compliance Monitoring

• • Annual Review of policies,  procedures and data processing agreements.

• Training and Awareness

• • Frequency and coverage of employee training sessions
  • Onboarding induction coverage for data protection
  • Tracking of refresher training and updates

• Data Subject Rights Management

• • Timeliness and accuracy in handling access, rectification, erasure, and restriction requests

• Incident and Breach Management

• • Annual report on data breaches showing a stable or decreasing trend;
  • Mean time to detect (MTTD) and respond (MTTR) to incidents within policy limits

• Third-Party Risk Oversight

• • Review and approval of sub-processor agreements
  • Monitoring of third-party compliance with privacy obligations

• Audit and Compliance Reviews

• • Completion of internal audits and gap analyses
  • Implementation of corrective actions from audit findings