About the job
noon is the region's leading consumer commerce platform, having launched its consumer services in Saudi Arabia and the UAE in December 2017, and expanding to Egypt in February 2019. The noon ecosystem of services now includes marketplaces for food delivery, quick-commerce, fintech, and fashion. As a work in progress, we are excited to invite a new member to our team in the role of Head of Data Protection & Privacy, who will be instrumental in building a comprehensive data protection program that adheres to regional and global data privacy mandates.
In this role, you will focus on creating and implementing a data protection strategy, fostering collaborations with Legal, Internal Audit, the broader Information Security department, and Engineering functions. You will utilize engineering principles to address data protection challenges while driving compliance and privacy initiatives throughout the organization.
Responsibilities:
- Develop and implement a comprehensive data privacy framework, including policies, procedures, and processes such as Consent Management and Data Privacy incident management.
- Oversee the management of data protection requirements in compliance with SDAIA’s PDPL and other regional regulations.
- Establish metrics and reporting mechanisms for measuring data protection compliance and provide analysis to senior management.
- Conduct Data Protection Impact Assessments (DPIAs) and lead data privacy risk management activities.
- Act as the primary point of contact for regional data protection initiatives and provide operational support.
- Oversee vendor risk assessments and liaise with external vendors regarding privacy measures.
- Communicate data protection audit results and ensure proper documentation of project deliverables.
- Monitor compliance with data protection policies and maintain internal SLAs across the organization.
- Develop and maintain privacy documentation and procedures.
What you’ll need:
- A bachelor’s degree in Computer Science, Law, or a related field and relevant certifications (e.g., CISSP, data privacy certifications).
- Extensive experience in data privacy and protection, with a strong understanding of global privacy laws.
- Minimum of 5 years managing data protection and privacy framework requirements such as GDPR, CCPA, and ISO 27701.
- Proven experience conducting DPIAs and applying privacy by design principles.
- Strong knowledge of regional data protection standards and the ability to drive data protection projects independently.
Who will excel?
We are looking for resourceful doers who are both creative and analytical problem solvers, capable of thriving in a fast-paced and dynamic environment. If these values resonate with you, then this may be the ideal opportunity for you.
