Data Privacy Specialist

About Us

Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.

SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN. As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provide AI and data science services and products to the group. With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.

We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.


About Team & Position

At DATAx, we are committed to ensuring that all of our customers' data is protected and that our work complies with data protection legislation. We’re seeking a Data Privacy member to help us improve our management of potentially sensitive information, carry out regular monitoring, and act as the main point of contact between DATAx and the data protection authorities.

In this role, your main task is to provide support, advice, and guidance to the business units regarding compliance with the Personal Data Protection Act (the PDPA) and other data protection laws as required. Also, your responsibility is to ensure that the rights and freedoms of the data subjects are fully respected

Responsibilities

  • Act as the primary point of contact within DataX for regulators, and any relevant public bodies on issues related to data protection, providing support as the DPO across SCBx
  • Develop and review a Data Protection Management Programme (DPMP) that covers policy, processes, procedures, and people for the handling of personal data at each stage of the data lifecycle.
  • Facilitating Privacy policy revises and updated as needed
  • Maintain records of processing activities (RoPA) carried out by DataX
  • Assisting with PIAs, LIAs and Privacy by design assessment
  • Liaise between related parties and data subject regarding the data subject's rights
  • Conduct privacy impact assessment during a change in process or technology that may process the personal data
  • Coordinate with key stakeholders and ensure the completeness on test scenario prepatation, UAT, training, business verification and go-live readiness checking
  • Coordinate the investigation of all personal data breaches; working with the business, IT, Information Security and others to swiftly address the issue, diagnose the cause and extent of the problem, develop remediation actions including managing communication with relevant impacted individuals and the supervisory authority
  • Handle complaints and requests by institutions, the data controller and data subject
  • Work with legal team to ensure completeness of third-party contract have required data privacy clause
  • Coordinate, harmonize and present outcomes to relevant committee
  • Enhance compliance processes based on an evaluation of gaps in business operations and data protection requirements, and clarify on ethically questionable situations at various stages of data or information life cycle
  • Support and communicate information about data privacy. Creating and maintaining a knowledge management and template repository
  • Devise training plans and provide data protection advice and support for members of staff. Promote a culture of data protection compliance across all units of the organization

Qualifications

  • Bachelor’s or Master’s Degree in Law, Technology or related fields.
  • Legal and technical expertise on data protection
  • Have significant hands-on privacy experience and expert knowledge of data protection law and practice for the purposes of implementing PDPA mandates
  • Ability to understand of all personal data processes and processing operations, IT systems and security needs within the organization
  • Ability to communicate complex privacy-related concepts and requirements in simple terms, including being able to translate regulator recommendations into internal guidelines and other documentation
  • Keep abreast of changes in law and technology that may change the threat landscape and, as a result, change DATAx's exposure to risk
  • Experience in technology risk management and IT compliance is advantage
  • Experience in deep technology about data analytic, data engineering, data modeling, machine learning, AI and cloud is advantage

Apply for this position

Resume / CV

Attach Resume (max 20 mb. pdf file only)

Other Files

Attach File (max 20 mb. pdf file only)

Other Links (Optional)

I have read and accept the privacy statement
Cookie Notice

This site uses cookies for performance, analytics, personalization and advertising purposes. For more information about how we use cookies please see our Cookie Policy.

Manage Consent Preferences Essential/Strictly Necessary Cookies

These cookies are essential in order to enable you to move around the website and use it’s features, such as accessing secure areas of the website

Analytical/Performance Cookies

These are analytics cookies that allow us to collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. This helps us to improve the way the website works and allows us to test different ideas on the site

Functional/Preference Cookies

These cookies allow our website to properly function and in particular will allow you to use it’s more personal features.

Targeting/Advertising Cookies

These Cookies are used by third parties to build a profile of your interests and show you relavant adverts on other sites. You should check the relevant third party website for more information and how to opt out, as described below.