Privacy COE Lead

Job Description

IntroductionRole purpose: Vodafone Intelligent Solutions (_VOIS) has businesses in India, Egypt, Hungary, Romania and Albania. _VOIS is a key element in Vodafone s broader programme to transform, standardise and digitalise the management of various processes across commercial activities such as Customer Operations, Business, Corporate Functions, IT & Networks, and support functions such as Finance, HR and the security teams. The _VOIS strategy is underpinned by the safe, secure and compliant agenda which is its license to operate for serving Vodafone local markets and group functions. The Privacy CoE Lead is a global role acting as an interface between group privacy, local privacy functions and the _VOIS leadership. The role delivers the COE purpose of strategic planning, oversight of the overall privacy program and its consistent implementation across all centres. The role ensures compliance with privacy regulations, group policies and with _VOIS framework by implementing local procedures/ guidelines, performing risk management and assurance activities on the quality of control execution and owning governance and reporting deliverables. This is a specialist role under the central Risk & Compliance function established at _VOIS and reports directly to the Head of _VOIS Risk & Compliance CoE, rolling up to the General Counsel. Job DescriptionKey accountabilities and decision ownership: ESSENCE OF ROLE- Key Accountabilities 1.GDPR Program Management -Implement and operate the _VOIS privacy program and privacy improvement projects across _VOIS in line with Vodafone Group privacy program -Manage the key deliverables of the GDPR program implementation from designing annual plans, monitoring its execution, reporting status with the local DPPs, cross-functional owners and LT stakeholders -maintain the framework which supports compliant data processing across _VOIS -Verify that key processes/channels to identify privacy risks operate effectively (e.g. through Privacy Impact Assessment, Vendor on-boarding assessment, transition due diligence) -Ensure privacy risk management is operationalized, governance and reporting works effectively -Maintains an engaged privacy community within _VOIS consisting of all centres Data Privacy & Protection Officers (DPPOs), provides them with improvement opportunities, annual operational plans, identifies and shares good practices -Regularly gather status from the DPPOs and provide status update on their local progress -Conduct activities to review whether the data privacy policy requirements are followed in _VOIS -Ensure _VOIS level awareness raising, conduct niche trainings on the data privacy requirements and compute/report mandatory training completion status across _VOIS 2.Support to _VOIS Data Privacy Officer -Support local Data Protection & Privacy Officer in any kind of privacy related matters/incidents -Define _VOIS tailored Privacy Compliance approach with following Group requirements, the laws of the Data Controller and the GDPR regulation -Support _VOIS Privacy risk management and act as liasion for Group Privacy -Ensure oversight/assurance over the quality of the _VOIS privacy controls and resource/skillset availability of local privacy teams -Define monitoring and reporting to cater internal and external stakeholders needs incl all local markets and Group functions. 3.Inter-functional Relationships -Interact with _VOIS for all aspects of data privacy and with Vodafone Group based on the ways of working agreed with _VOIS -Liaise with Internal Audit as single focal point -Liase with Information Security and Corporate Security -Ensure that Business and Support functions and Process Owners and others involved in the DP activities are fully aware of their responsibilities and delivering against expected timelines and quality -Interacts with functional privacy champions for sharing and considering good practicesDescriptionCore competencies, knowledge and experience Must have technical / professional qualifications: -6-9 years experience in Big 4 consulting firms delivering data privacy projects (E) -University Graduate with CA / M.B.A/ Legal Professional Qualification (E) -CIPP-E/CIPM certified (D) -Exposure to working with Senior Management (E) -Advanced expertise on MS Powerpoint, excel, word and visio (E) -Problem solving and decision making (E) -Persuasive, motivates and delivers (E) -Fluency in English (E) -IT Literacy (D)Key performance indicators: Typical Outputs Privacy Management Framework Annual Privacy Plan Privacy Line of Sight report Operational Issue Register DP assurance review reports (EBT, Internal audit and need based assurances) Internal control recommendation for improvements Operational issue registers updated KPI reporting to Group, _VOIS and Management Awareness raising outputs (comms, training materials) High risk role identification and completion results Transition due diligence privacy questionnaire Privacy CEO & GMT statements Besides the tasks listed item by item in the role profile - within the framework of the position determined in the employment contract - the Employee is obliged to fulfill tasks as well of which his/her line manager instructs him/her to fulfill. In addition, the scope of the job responsibilities are also determined in the Performance Dialogue as the annual individual objectives of the Employee, in the training materials related to the position and in the process descriptions regulating the method of the tasks fulfillment. #_VOIS,

Keyskills :
impact assessmentawareness raisingstrategic planningprivacy regulationsinternal auditrisk managementdata processingprivacy complianceinformation securitycustomer operationsinternal controldue diligence