Data Protection Officer

About the Job

Location: Makati City

Corporate Title: Assistant Vice President

Work Arrangement: Hybrid

Our Information Security & Data Protection Office team is looking for experienced professionals to join us in Makati City with the role of Data Protection Officer.

In this role, you will lead the Data Protection Office as the Data Protection Officer (DPO), ensuring compliance with the Data Privacy Act (DPA), its IRR, and relevant NPC regulations, while collaborating with data privacy leads to uphold the highest standards of data protection within the organization.

Going Further For You.

Whether you're just starting out, or already a seasoned professional, EastWest can help you unleash your potential, and bridge the gap between dream to success.

At EastWest, we empower our employees to drive their careers and are committed to provide the runway for them to grow. We value teamwork and individual initiatives. Join us and be part of a highly engaged team, and a workplace that promotes development and goal attainment.

For 30 years, EastWest has emerged as one of the most consumer-focused universal banks in the Philippines. EastWest is committed to continuously invest in people and in process, product, and service enhancements, and embrace new ideas to enhance the EastWest experience.

What the role will entail

• Ensure the banks compliance with the DPA, IRR, NPC issuances, and other relevant laws, maintaining records of processing operations and verifying third-party service providers' compliance with security standards.
• Advise the bank on data privacy compliance, including renewing accreditations, executing Data Sharing Agreements, and ensuring compliance with personal data processing standards.
• Oversee the conduct of Privacy Impact Assessments for relevant organizational activities, projects, programs, and systems.
• Guide the organization on managing data subject rights requests, including information, clarification, rectification, or deletion of personal data.
• Manage data breach and security incidents, ensuring timely reporting to the NPC as required by law.
• Foster awareness on privacy and data protection within the organization, advocate for policies, and promote a privacy-by-design approach.
• Act as the primary contact for data subjects, the NPC, and other authorities on data privacy matters, and coordinate with the NPC on privacy and security issues.

What we're looking for

• Bachelor's Degree in either Cybersecurity or law-related degree is ideal
• Strong working knowledge in data protection laws and regulations such as the Data Privacy Act of 2012 and GDPR
• Certified Information Privacy Professional (CIPP) or Certified Information Systems Security Professional (CISSP)
• At least 10 years of proven work experience in data privacy in the banking industry or similar environment
• Solid knowledgeable in Banking data privacy obligations and Risk Management Processes
• Ability to analyze situations, challenges, and problems with perceptiveness and provide effective insights to address concerns

What you can expect from joining our team

• Career development and training opportunities
• Competitive salary package and benefits
• Performance-based incentives and recognition programs to reward high-performing individuals
• Opportunity to work with industry experts and be mentored by them
• Defined career progression paths to guide you in your professional growth