Data Protection Manager
At Cathay Pacific, we share one common aspiration: to be the world's best airline. We believe in looking for the best in our people, in working as a team, in doing the right thing by our shareholders and our communities.
With a global team, we offer a diverse range of career choices and opportunities - in the air, on the ground; in customer service, in the office; managerial or professional roles. Our team of great people each plays a key role to deliver the quality service that we are famous for.
Highlight
Location: Hong Kong
Reports to: Senior Data Protection Officer
In this role, you will be part of a team which supports the Data Protection Officer of Cathay Pacific Group in ensuring compliance with the Hong Kong Personal Data (Privacy) Ordinance (PDPO), the EU General Data Protection Regulation (GDPR), the China Personal Information Protection Law, and other relevant privacy and data protection regulations, and in implementing and managing compliance with Cathay Pacific Group’s privacy and data protection policies. You will assist the DPO in ensuring compliance across all the countries in which the Cathay Pacific Group operates.
This is a great opportunity for a driven, motivated and hard-working individual to be part of a team with responsibility for a global privacy data protection compliance program and its implementation in practice. This role will give the successful candidate the opportunity to work in a fast-moving and cutting-edge field, within an exciting and multifaceted business.
The successful candidate will work out of Cathay Pacific’s offices in Hong Kong, and will work closely with a wide range of Cathay Pacific Group business units, including Commercial, IT, Digital, and People.
Closing Date: 2022-06-03
Reports to: Senior Data Protection Officer
In this role, you will be part of a team which supports the Data Protection Officer of Cathay Pacific Group in ensuring compliance with the Hong Kong Personal Data (Privacy) Ordinance (PDPO), the EU General Data Protection Regulation (GDPR), the China Personal Information Protection Law, and other relevant privacy and data protection regulations, and in implementing and managing compliance with Cathay Pacific Group’s privacy and data protection policies. You will assist the DPO in ensuring compliance across all the countries in which the Cathay Pacific Group operates.
This is a great opportunity for a driven, motivated and hard-working individual to be part of a team with responsibility for a global privacy data protection compliance program and its implementation in practice. This role will give the successful candidate the opportunity to work in a fast-moving and cutting-edge field, within an exciting and multifaceted business.
The successful candidate will work out of Cathay Pacific’s offices in Hong Kong, and will work closely with a wide range of Cathay Pacific Group business units, including Commercial, IT, Digital, and People.
Closing Date: 2022-06-03
Responsibilities
- To support the DPO in monitoring compliance with GDPR, PDPO, PIPL and other relevant data protection laws, including assignment of responsibilities, awareness-raising and assisting with the training of relevant staff, including those involved in processing operations
- To inform and advise the Cathay Pacific Group of its obligations and any risks under relevant data protection laws
- To develop, implement, manage and monitor internal policies and compliance processes for data protection, including with regards to collection, accuracy, retention, use, transparency, access and correction of personal data (including passengers and employees’ personal data)
- To advise on data protection compliance audits and impact assessments, including advising on when they are required, what methodology to follow, outsourcing, safeguards, whether or not the data protection impact assessment has been correctly carried out, and whether its conclusions are in compliance with relevant data protection laws
- Working closely with Digital and IT, to maintain and update Cathay Pacific Group’s register of processing activities which provides an overview of all personal data processing operations being carried out
- To coordinate, in relation to the above responsibilities and data protection generally, with other key teams within Cathay Pacific Group, including Commercial, IT, People and Digital
- With the DPO, to act as liaison and contact point between the Cathay Pacific Group and relevant data protection authorities
- With the DPO, to act as contact point for data subjects with regard to all issues related to processing of their personal data and to the exercise of their rights
- To act as intermediary between relevant stakeholders (e.g. supervisory authorities, data subjects, and Cathay Pacific Group BUs)
- With the DPO, to report and to work closely with senior management on important data protection compliance issues and risks to identify solutions and to express an opinion as to the best path forward to address such issues and problems that best meets the needs of the Cathay Pacific Group; and
- With the DPO, to report at various Steering Committee meetings to keep senior management abreast of changes to data protection laws
- To inform and advise the Cathay Pacific Group of its obligations and any risks under relevant data protection laws
- To develop, implement, manage and monitor internal policies and compliance processes for data protection, including with regards to collection, accuracy, retention, use, transparency, access and correction of personal data (including passengers and employees’ personal data)
- To advise on data protection compliance audits and impact assessments, including advising on when they are required, what methodology to follow, outsourcing, safeguards, whether or not the data protection impact assessment has been correctly carried out, and whether its conclusions are in compliance with relevant data protection laws
- Working closely with Digital and IT, to maintain and update Cathay Pacific Group’s register of processing activities which provides an overview of all personal data processing operations being carried out
- To coordinate, in relation to the above responsibilities and data protection generally, with other key teams within Cathay Pacific Group, including Commercial, IT, People and Digital
- With the DPO, to act as liaison and contact point between the Cathay Pacific Group and relevant data protection authorities
- With the DPO, to act as contact point for data subjects with regard to all issues related to processing of their personal data and to the exercise of their rights
- To act as intermediary between relevant stakeholders (e.g. supervisory authorities, data subjects, and Cathay Pacific Group BUs)
- With the DPO, to report and to work closely with senior management on important data protection compliance issues and risks to identify solutions and to express an opinion as to the best path forward to address such issues and problems that best meets the needs of the Cathay Pacific Group; and
- With the DPO, to report at various Steering Committee meetings to keep senior management abreast of changes to data protection laws
Requirements
- A good knowledge of Hong Kong and European data protection laws and practices, , and a good understanding of how these regimes relate to both customer and employee personal data. Deep understanding of other privacy and data protection regimes (e.g., China, Singapore, US) would be an advantage
- 5+ years of experience specializing in data protection and privacy, e.g. a privacy and data protection compliance professional with 5+ years’ experience in an international company, or a 5+ year PQE data protection lawyer with experience gained in a reputable law firm, . In-house experience in an organization that has substantial personal data operations is preferred
- Experience of promoting a data protection culture in a large organization, and dealing with issues relating to both customer and employee data, is an advantage
- High proficiency in office applications (including Word, PowerPoint, Excel and SharePoint)
- Fluent spoken and written English. Good spoken and written Cantonese and Mandarin is an advantage
- Excellent communication and presentation skills and able to interact with Senior Management with polished interpersonal skills
- Able to work and solve problems independently with minimum supervision. High attention to detail, and able to see and understand the bigger picture
- Extremely well organized and good at planning and managing his/her time as well as others
- Ability to work flexibly and on multiple tasks
- Mature and has a high sense of responsibility and accountability for their work
- Able to work with minimal supervision and guidance
- Excellent team player and able to work with people at all levels across the organization
- 5+ years of experience specializing in data protection and privacy, e.g. a privacy and data protection compliance professional with 5+ years’ experience in an international company, or a 5+ year PQE data protection lawyer with experience gained in a reputable law firm, . In-house experience in an organization that has substantial personal data operations is preferred
- Experience of promoting a data protection culture in a large organization, and dealing with issues relating to both customer and employee data, is an advantage
- High proficiency in office applications (including Word, PowerPoint, Excel and SharePoint)
- Fluent spoken and written English. Good spoken and written Cantonese and Mandarin is an advantage
- Excellent communication and presentation skills and able to interact with Senior Management with polished interpersonal skills
- Able to work and solve problems independently with minimum supervision. High attention to detail, and able to see and understand the bigger picture
- Extremely well organized and good at planning and managing his/her time as well as others
- Ability to work flexibly and on multiple tasks
- Mature and has a high sense of responsibility and accountability for their work
- Able to work with minimal supervision and guidance
- Excellent team player and able to work with people at all levels across the organization
Salary
Negotiable
Benefits
Please Sign in to view relevant information
Location
Validity
Expired