Required Duration: 1 year & Extendable Required Experience: Rel 5-7 years Work Location: Jubail, KSA Job Code: will be shared shortly
Job Brief–Data Protection & Information Officer, IT Security Enablement
Key Tasks and Responsibilities
Be the subject matter expert for Data Loss Prevention controls, working directly with other functional and business teams to drive Information Protection initiatives
Assess in creating policies to identify critical asset and Data
Support in creating Rule Responses based on the department\Division\BUrequirements
Support the administration of DLP tool
Maintenance of existing data leakage controls ,in response to changes in local law Organizational structure, or business needs .
Identify Business needs and assist in the ongoing review of Data Leakage programs, policies, and processes.
Provide information and guidance on the processing and classify of all personal data
Work with Incident Response teams to identify and enhance Data Leakage controls in response to incidents.
Utilize Symantec DLP to generate and maintain email\Web\Network monitoring policies.
Assist in the engineering assessment of Desktop DLP and applicability of rules
Co-ordinate Data Protection Act activities (including training) with other information governance leads e.g. Member Liaison Unit, Regional Managers, Records Management and Backup Staff etc.
Compile and validate statistical data to be used to determine the viability of implementing specific data leakage controls in the production environment
Develop, Implement and enforce a suitable and relevant Data Sharing Code of Practice and ensure that third parties which SABIC deals with comply with the necessary practices and agreements held.
Assist with investigations into complaints about breaches of the act and undertake reporting/remedial action as required. Maintain a log of any incidents and remedial recommendations and actions.
Provide comprehensive reports to the Head of Customer Support and Quality and Secretariat on the organizations compliance with the Data Protection Act and related provisions
Interpret and provide guidance to the organization on forth coming and actual changes to relevant legislation on Privacy and the Data Protection Act
Develop and implement a Privacy Impact Assessment tool
Define, update and maintain the retention schedule and physical items inventory log
Manage the SABIC Centre Information and archiving process, providing advice and guidance to users on the retention schedule, storage requirements and managing the relationship with the off-site archiving and storage provider
Symantec DLP expert in all three components (Data Atrest, Atmotion, Attransit)