At Cathay Pacific, we share one common aspiration: to be the world's best airline. We believe in looking for the best in our people, in working as a team, in doing the right thing by our shareholders and our communities.
With a global team, we offer a diverse range of career choices and opportunities - in the air, on the ground; in customer service, in the office; managerial or professional roles. Our team of great people each plays a key role to deliver the quality service that we are famous for.
In this role, you will be part of a team which supports the Data Protection Officer (DPO) team of the Cathay Pacific Group in ensuring compliance with the Hong Kong Personal Data (Privacy) Ordinance (PDPO), the EU General Data Protection Regulation (GDPR), the Personal Information Protection Law (PIPL) and other relevant data protection laws across all regions in which the Cathay Pacific Group operates..
This is a great opportunity for a driven, motivated and hard-working individual to be part of a team with responsibility for a global data privacy compliance program and its implementation in practice. This role will give the successful candidate the opportunity to work in a fast-moving and cutting-edge field, within an exciting and multifaceted airline business.
The successful candidate will work out of Cathay Pacific Group’s offices in Hong Kong, and will work closely with a wide range of Cathay Pacific Group business units, including Procurement, IT, Digital, and People.
-Support the DPO team in monitoring compliance with the GDPR, PDPO, PIPL and other relevant data protection laws and engage with internal stakeholders to provide advice on data protection issues.
-Review, draft and provide advice on data protection-related clauses and issues in contracts, including in Data Protection Addenda (DPAs).
-Monitor internal processes for compliance with data protection laws, including with regards to the collection, retention, use and security of personal data.
-Advise on data protection impact assessments, including on when they are required, what methodology to follow, identifying key privacy risks and suggesting mitigation actions in compliance with relevant data protection laws.
-In conjunction with Digital, IT and the relevant Business Unit stakeholders, maintain and update Cathay Pacific Group’s records of processing activities which provides an overview of all personal data processing operations being carried out.
-Provide support in the investigation of privacy incidents and related follow-up activities.
-Support the DPO’s team in coordinating the responses to individual rights requests (e.g. access, deletion, rectification, opposition, etc.).
-Act as a key contact point and coordinate responses to the relevant data protection supervisory authorities.
-Along with the DPO team, provide data protection advice to the relevant internal stakeholders in responding authorities’ requests (e.g. from law enforcement bodies).
-Promote strong data protection standards through conducting training and awareness sessions to various Business Units and Outports.
-Support the DPO team in undertaking the Data Governance Monitoring Program which assess each Business Unit’s implementation of data protection controls
-A proven interest in global data protection laws and practices, with a focus on PDPO, GDPR, PIPL and other relevant data protection laws in which Cathay Pacific Group operates, and a strong desire to learn how these regimes relate to both customer and employee personal data.
-2 – 3 years of experience preferably in data protection, e.g., a legal, compliance or audit professional with 2-3 years of data protection experience or an IT specialist with 2-3 years’ experience of dealing with IT security and data protection issues. In-house experience in an organisation that has substantial personal data operations with a global footprint is preferred.
-High proficiency in office applications (including Word, PowerPoint and Excel).
-Fluent spoken and written English, Cantonese and Mandarin.
-Experience in using OneTrust and / or other privacy management software is advantageous.
-Candidates with privacy-related certifications are preferred, such as those from the International Association of Privacy Professionals (IAPP).
-Excellent communication and presentation skills and ability to interact with a wide range of stakeholders.
-High attention to detail, and able to see and understand the bigger picture.
-Extremely well organised and good at planning and managing his/her time as well as others.
-Ability to work flexibly and on multiple tasks.
-Mature and has a high sense of responsibility and accountability for their work.
-Excellent team player and able to work with people at all levels across the organisation.
Please Sign in
to view relevant information
Min. Yrs. of Experience