Assistant Vice President - Data Privacy - Legal Assistant Vice President - Data Privacy - Legal …

Hong Kong Exchanges and Clearing Limited
in Hong Kong
Permanent, Full time
Be the first to apply
Hong Kong Exchanges and Clearing Limited
in Hong Kong
Permanent, Full time
Be the first to apply
Assistant Vice President - Data Privacy - Legal

At HKEX Group, we are committed to best practices in handling Personal Data and that our work complies with applicable data protection laws and regulations. We are seeking a Data Privacy Analyst to report directly into the Group Data Protection Officer - principally to conduct day-to-day privacy operations to reinforce and support enhancements to the management of Personal Data against a backdrop of significant regulatory developments and the continued increase in enforcement actions in jurisdictions impacting the Group. The successful candidate will also play an important role in helping to ensure the DPO Office evolves in step with key business developments, particularly the Group's strategy in leveraging data and new technologies to drive innovation.

Working in the HKEX Group Legal Department you will play a critical operational role in supporting the Group's global operations. Our ideal team member will be proactive and have the confidence to handle operational tasks on their own initiative.

Objectives of this Role
  • Ensure the organisation's policy is in accordance with applicable data protection laws including, but not limited to GDPR, the Personal Data Privacy Ordinance of Hong Kong, the UK Data Protection Act, the Singapore Personal Data Protection Act, and the Personal Information Protection Law of the People's Republic of China;
  • Identify the areas of non or partial compliance with relevant policies and procedures of the Group and rectify any issues;
  • Deliver training for the Group and provide Privacy Risk Management support; and
  • Promote a culture of privacy and data protection compliance across all units of the Group.

Job Responsibilities:
  • Assist the DPO in the review of internal privacy and data protection policies, guidelines, and procedures, in consultation with key stakeholders and the implementation of privacy compliance mechanisms for HKEX on a group level;
  • Collate metrics and KPIs to monitor performance on the impact of Privacy Risk Management efforts;
  • Produce dashboards and input for reports to support the DPO;
  • Review management information that evidences the state of privacy and data protection compliance across the Group, and identify potential issues and risk factors - ensuring the DPO is updated as necessary;
  • Maintain data flow mapping and comprehensive records of processing activities - performing quality control to ensure consistency and alignment with policies and DOIs;
  • Assist the DPO in performing monitoring and review exercises (including privacy impact assessments) and driving the completion of risk-remediation plans;
  • Maintain the central repository of evidence for privacy and data protection compliance;
  • Populate and maintain the Data Risk Register and report on trends;
  • Assist the DPO with DSARs and other requests and enquiries - as well as verify the implementation of Data Subject preferences;
  • Support the DPO with third party management reviews;
  • Provide data privacy related advice to the business and support departments to ensure compliance with regulatory and the Group's requirements and standards on a day-to-day basis;
  • Support and coordinate with Compliance, Risk, and Internal Audit teams where necessary;
  • Support the development and delivery of data privacy training tailored to specific areas of the business, support departments, and stakeholders so as to increase awareness of policies, practices, and obligations across the Group;
  • Assist the DPO with the ongoing development of initiatives to embed data privacy considerations at the outset and enable the incorporation of requirements at the optimal point in the product / business process development cycle; and
  • Generally assist with administrative and other tasks as may be defined by the DPO to meet the operational needs of the Group's Privacy Risk Management Framework.

Job Requirements:

The ideal candidate is a qualified lawyer currently based in Hong Kong:
  • Up to 2 years PQE with a strong interest in Data Privacy issues, developments and regulatory change;
  • An understanding of and interest in IT infrastructure and technology (bonus);
  • Solid Excel and Powerpoint skills;
  • Excellent management skills and ability to interface easily with both internal staff at all levels and outside authorities;
  • Strong interpersonal and communication skills;
  • Solid research skills with strong attention to detail; and
  • Ability to work under pressure with changing priorities and manage sensitive and confidential information.

Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.
Hong Kong Exchanges and Clearing Limited logo
More Jobs Like This
See more jobs