Data Privacy Officer HACN
恒生银行(中国)有限公司
- 公司规模:1000-5000人
- 公司性质:外资(非欧美)
- 公司行业:银行
职位信息
- 发布日期:2022-06-29
- 工作地点:上海-浦东新区
- 工作经验:8-9年经验
- 学历要求:本科
- 职位月薪:4.5-8万
- 职位类别:风险控制
职位描述
Principal responsibilities
Data Privacy Officer (DPO) is responsible for ensuring HACN (“the Bank”) meets its obligations under data protection and privacy laws within its particular jurisdiction. DPO provides expert advice, guidance and direction and support the necessary standards and controls to enable the Bank, including its employees and relevant third parties, to manage privacy risks and comply with obligations under data protection laws in relation to the processing of personal data.
Reporting to Chief Risk Officer HACN, the role holder is the designated DPO within jurisdiction in China and is responsible for carrying out the following tasks:
Informing and advising the business and its employees of their data privacy and protection compliance obligations;
Providing expert guidance, oversight and challenge on all aspects of data protection and privacy risk strategy and compliance focusing efforts on areas that present higher data privacy risks;
Monitoring compliance with data privacy provisions and with the Bank and Group policies relating to the protection of personal data, including the assignment of responsibilities, staff education and awareness training, and ensuring remediation of any related audit findings;
Reviewing and advising on Data Protection Impact Assessments (DPIAs) and monitoring performance of mitigations, where necessary;
Organizing data security publicity and awareness training, risk assessment, emergency drills
Developing and implementing data protection plan and data security incidents contingency plans;
Monitoring and supporting personal information security impact assessments and proposing countermeasures for personal information protection;
Acting as the contact point internally and externally with data subjects and the regulatory authority;
Advising on, and providing the business with support, to ensure the necessary safeguards and controls are in place to ensure compliance with requirements for international data transfers by identifying all circumstances in which personal data is transferred outside of the relevant jurisdiction; and
Providing incident management advice and/or support as needed and ensuring that data incidents and breaches are responded to and managed effectively with data subjects and that the relevant authorities are informed within necessary timeframes.
Qualifications:
Bachelor degree or above, over 8 years’ experience and track-record in data protection and legal compliance;
Comprehensive knowledge and experience of Data Privacy and Information Governance;
PRC legal Qualification and data protection qualification are preferred;
Relevant data protection or privacy certification such as CIPP (preferred);
Solid knowledge of the Cybersecurity Law, Personal Information Protection Law and Data Security Law of the People's Republic of China;
Knowledge of data processing operations in the financial industry is preferable;
Familiar with cyber security and data life cycle management;
Corporate experience and Compliance experience an advantage, but not essential;
Detailed knowledge of the Bank and Group corporate structures, its business and personnel, and a clear understanding of its corporate culture;
Experience in communicating, interacting and maintaining good working relationships with supervisory authorities;
Strong written and verbal communication skills; Fluent in both written and spoken English/Mandarin;
Ability to develop and deliver training materials;
Well-developed and professional interpersonal skills; ability to interact effectively with people at all organizational levels;
Ability to work unsupervised, exercise leadership and influence change;
Ability to use independent judgement and discretion when making the majority of decisions;
Detail-focused approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
Data Privacy Officer (DPO) is responsible for ensuring HACN (“the Bank”) meets its obligations under data protection and privacy laws within its particular jurisdiction. DPO provides expert advice, guidance and direction and support the necessary standards and controls to enable the Bank, including its employees and relevant third parties, to manage privacy risks and comply with obligations under data protection laws in relation to the processing of personal data.
Reporting to Chief Risk Officer HACN, the role holder is the designated DPO within jurisdiction in China and is responsible for carrying out the following tasks:
Informing and advising the business and its employees of their data privacy and protection compliance obligations;
Providing expert guidance, oversight and challenge on all aspects of data protection and privacy risk strategy and compliance focusing efforts on areas that present higher data privacy risks;
Monitoring compliance with data privacy provisions and with the Bank and Group policies relating to the protection of personal data, including the assignment of responsibilities, staff education and awareness training, and ensuring remediation of any related audit findings;
Reviewing and advising on Data Protection Impact Assessments (DPIAs) and monitoring performance of mitigations, where necessary;
Organizing data security publicity and awareness training, risk assessment, emergency drills
Developing and implementing data protection plan and data security incidents contingency plans;
Monitoring and supporting personal information security impact assessments and proposing countermeasures for personal information protection;
Acting as the contact point internally and externally with data subjects and the regulatory authority;
Advising on, and providing the business with support, to ensure the necessary safeguards and controls are in place to ensure compliance with requirements for international data transfers by identifying all circumstances in which personal data is transferred outside of the relevant jurisdiction; and
Providing incident management advice and/or support as needed and ensuring that data incidents and breaches are responded to and managed effectively with data subjects and that the relevant authorities are informed within necessary timeframes.
Qualifications:
Bachelor degree or above, over 8 years’ experience and track-record in data protection and legal compliance;
Comprehensive knowledge and experience of Data Privacy and Information Governance;
PRC legal Qualification and data protection qualification are preferred;
Relevant data protection or privacy certification such as CIPP (preferred);
Solid knowledge of the Cybersecurity Law, Personal Information Protection Law and Data Security Law of the People's Republic of China;
Knowledge of data processing operations in the financial industry is preferable;
Familiar with cyber security and data life cycle management;
Corporate experience and Compliance experience an advantage, but not essential;
Detailed knowledge of the Bank and Group corporate structures, its business and personnel, and a clear understanding of its corporate culture;
Experience in communicating, interacting and maintaining good working relationships with supervisory authorities;
Strong written and verbal communication skills; Fluent in both written and spoken English/Mandarin;
Ability to develop and deliver training materials;
Well-developed and professional interpersonal skills; ability to interact effectively with people at all organizational levels;
Ability to work unsupervised, exercise leadership and influence change;
Ability to use independent judgement and discretion when making the majority of decisions;
Detail-focused approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
公司介绍
恒生银行(中国)有限公司于2007年5月成立,为恒生银行全资附属公司,业务覆盖至珠三角、长三角及环渤海区域,同时辐射中西部地区。目前在内地20个城市设有分支行(包括北京、上海、广州、深圳、福州、南京、东莞、杭州、宁波、天津、昆明、厦门、成都、济南、佛山、中山、惠州、珠海、江门及汕头)。恒生银行的成功有赖于一群勤奋进取的员工为客户提供优质及专业的服务。员工乃本行最宝贵的资产,所以我们格外珍惜每一位员工及重视他们的个人职业发展。
恒生银行价值观是指:
我们尊重差异
发掘不同观点
我们携手共赢
不分彼此,密切合作
我们勇于承担
恪尽职守,放眼未来
我们全力以赴
稳步前行,把握机遇
如果您正在寻求一个多元化和富有挑战性的职业发展机会,如果您认可恒生银行的价值观,欢迎马上加入我们的行列,一起发展您的事业,开拓未来。具体招聘信息请登陆51JOB查看,或发简历至邮箱 HACNRECRUITER@HANGSENG.COM
请您在向我们提供个人信息前仔细阅读《职位申请人及非职员工作人员个人信息保护政策》。
Established on 28 May 2007, our wholly owned subsidiary Hang Seng Bank (China) Limited operates a mainland China network of outlets in Beijing, Shanghai, Guangzhou, Shenzhen, Fuzhou, Nanjing, Dongguan, Hangzhou, Ningbo, Tianjin, Kunming, Xiamen, Chengdu, Jinan, Foshan, Zhongshan, Huizhou, Zhuhai, Jiangmen and Shantou.Our most treasured asset is our employees and that's why we care about their success as much as they do.
The value of Hang Seng Bank is:
We value difference
Seeking out different perspectives
We succeed together
Collaborating across boundaries
We take responsibility
Holding ourselves accountable and taking the long view
We get it done
Moving at pace and making things happen
If you are seeking a dynamic and challenging career, if you recognize bank's value, invest in your future by joining the Bank that will invest in you. Please login 51JOB website to seek more detail information, or you can send your latest cv to mailbox: HACNRECRUITER@HANGSENG.COM
英文版:To apply for a position in the Hang Seng Mainland China, all applicants or staff of third party vendors must read and acknowledge the following Personal Information Protection Policy for Job Applicant and Third Party Vendor's Staff carefully.
中文版:《职位申请人及非职员工作人员个人信息保护政策》适用于恒生中国的职位申请人及为我们提供服务的第三方工作人员。请您在向我们提供个人信息前仔细阅读本政策。
恒生银行价值观是指:
我们尊重差异
发掘不同观点
我们携手共赢
不分彼此,密切合作
我们勇于承担
恪尽职守,放眼未来
我们全力以赴
稳步前行,把握机遇
如果您正在寻求一个多元化和富有挑战性的职业发展机会,如果您认可恒生银行的价值观,欢迎马上加入我们的行列,一起发展您的事业,开拓未来。具体招聘信息请登陆51JOB查看,或发简历至邮箱 HACNRECRUITER@HANGSENG.COM
请您在向我们提供个人信息前仔细阅读《职位申请人及非职员工作人员个人信息保护政策》。
Established on 28 May 2007, our wholly owned subsidiary Hang Seng Bank (China) Limited operates a mainland China network of outlets in Beijing, Shanghai, Guangzhou, Shenzhen, Fuzhou, Nanjing, Dongguan, Hangzhou, Ningbo, Tianjin, Kunming, Xiamen, Chengdu, Jinan, Foshan, Zhongshan, Huizhou, Zhuhai, Jiangmen and Shantou.Our most treasured asset is our employees and that's why we care about their success as much as they do.
The value of Hang Seng Bank is:
We value difference
Seeking out different perspectives
We succeed together
Collaborating across boundaries
We take responsibility
Holding ourselves accountable and taking the long view
We get it done
Moving at pace and making things happen
If you are seeking a dynamic and challenging career, if you recognize bank's value, invest in your future by joining the Bank that will invest in you. Please login 51JOB website to seek more detail information, or you can send your latest cv to mailbox: HACNRECRUITER@HANGSENG.COM
英文版:To apply for a position in the Hang Seng Mainland China, all applicants or staff of third party vendors must read and acknowledge the following Personal Information Protection Policy for Job Applicant and Third Party Vendor's Staff carefully.
中文版:《职位申请人及非职员工作人员个人信息保护政策》适用于恒生中国的职位申请人及为我们提供服务的第三方工作人员。请您在向我们提供个人信息前仔细阅读本政策。
联系方式
- Email:HACNRECRUITER@HANGSENG.COM
- 公司地址:陆家嘴环路恒生大厦