Full-Time Senior Manager IT Data Protection

About the RoleThis position is critical to Simprints as a social enterprise working at the intersection of technology, global health, and international development. As the Senior Manager, IT and Data Protection, you will lead efforts to ensure legal compliance with global data protection regulations and support the ethical and privacy-first use of data in our operations.

This role will not only provide guidance and advice but also actively create and compile essential documents such as contracts, privacy notices, consent forms, Data Processing Agreements (DPAs), and Data Protection Impact Assessments (DPIAs). The goal is to empower our partners and internal teams with the tools and knowledge they need to implement privacy-first, responsible data practices effectively.

Key Goals

• Embed a privacy-first approach across Simprints’ projects, policies, and partnerships.
• Ensure compliance with legal and regulatory standards for data protection.
• Build and maintain trust with individuals, communities, and regulatory bodies.
• Engage in privacy advocacy work like writing blogs and attending conferences.

Key Responsibilities

Data Protection Compliance

• Develop, implement, and maintain Simprints' privacy and data protection strategy, ensuring compliance with global laws such as GDPR, CCPA, and emerging regulations.
• Monitor and advise on legal risks related to data privacy, providing actionable recommendations to senior leadership.
• Lead the development and review of privacy notices, Data Processing Agreements (DPAs), and other legal documents.

Regulatory Guidance

• Stay ahead of changes in global data protection regulations, ensuring Simprints remains compliant with evolving legal requirements in current and future countries of operation.
• Act as the primary point of contact for regulators, partners, and internal teams on legal data protection matters.
• Represent Simprints in legal and regulatory forums, sharing insights and building relationships with industry leaders and stakeholders.

Risk Management & Governance

• Conduct and oversee Data Protection Impact Assessments (DPIAs) to identify and mitigate potential risks.
• Work closely with technical teams to ensure legal requirements for data handling are met, while promoting privacy by design principles.
• Maintain records of processing activities (RoPA) and oversee data breach response procedures.

Training & Capacity Building

• Develop and deliver training for internal teams and partners on privacy laws, data protection obligations, and ethical data practices.
• Provide ongoing support to ensure a strong understanding of legal requirements across the organisation.

Skills

• Legal Expertise- Extensive knowledge of global data protection laws and frameworks, including GDPR, CCPA, and other international privacy standards.
• Communication & Advisory Skills- Strong ability to explain legal and regulatory concepts to technical, operational, and leadership teams.
• Risk Management- Experience conducting DPIAs, compliance audits, and privacy risk assessments.
• Foundational Technical Understanding- Familiarity with technical aspects of data management, including cloud computing, data flows, and encryption, to effectively collaborate with technical teams.

What is the last date for applying to the job?

Which countries are accepted for this remote job?