Data Privacy Officer at Korapay

Korapay is a payment infrastructure servicing a wide band of businesses making local and international payments. We are a marketplace for digital financial services across Africa. Our vision, which is at the core of what we do every day, is to create a world void of digital financial barriers across Africa. We are committed to delivering reliable, secure, and easy to use digital financial solutions to every single customer with a guarantee that it is improving their lives.

Job Title: Data Privacy Officer

Location: Lagos, Nigeria

Job type: Full-time

About The Role

• As the Data Privacy Officer at Kora, you will play a critical role in ensuring that Kora maintains the highest data protection and privacy standards.
• You will be responsible for overseeing our data privacy program, ensuring compliance with relevant laws and regulations, and implementing best practices for data protection. Additionally, you will develop and implement a comprehensive data privacy program, conduct regular audits and assessments, and provide guidance and training to employees.
• The Data Privacy Officer will also serve as the primary point of contact for data protection authorities and will be responsible for managing data protection inquiries and requests.
• They will work closely with the Information Security and Legal teams to ensure that data protection requirements are met across the organization.
• They will monitor changes in data protection laws and regulations and will update policies and procedures accordingly.
• In the event of a data breach or incident, the Data Privacy Officer will investigate and respond promptly to mitigate any potential harm.

Responsibilities
Here are a couple of things you’ll be doing:

• Develop and implement a comprehensive data privacy program in line with relevant laws and regulations, such as GDPR and NDPA.
• Collaborate with internal teams to ensure that data protection and privacy requirements are integrated into designing and implementing new products and services.
• Conduct regular audits and assessments to identify and mitigate privacy risks.
• Conduct privacy impact assessments (PIAs) to assess and mitigate privacy risks associated with new projects or initiatives.
• Develop and implement policies and procedures for data protection and privacy.
• Provide guidance and training to employees on data protection best practices.
• Serve as the point of contact for data protection authorities and manage data protection inquiries and requests.
• Monitor changes in data protection laws and regulations and update policies and procedures accordingly.
• Work closely with the Information Security team to ensure data protection requirements are met.
• Collaborate with the Legal team to review and negotiate data protection and privacy terms in contracts with third-party vendors and partners.
• Stay abreast of industry trends and best practices in data protection and privacy, and provide recommendations for continuous improvement of the data privacy program.
• Prepare and present regular reports to the Management team on the status of the data privacy program and any identified risks or issues.
• Investigate and respond to data breaches and incidents on time.
• Conduct comprehensive due diligence on existing and prospective third-party partners/vendors, assessing their compliance standards, cybersecurity measures, and overall risk exposure.
• Develop and maintain a standardized risk assessment framework, including criteria for evaluating potential risks associated with third-party relationships
• Monitor third-party vendors’ compliance with established policies, regulatory requirements, and risk management controls.
• Implement strategies to mitigate risks, such as contractual obligations, service level agreements (SLAs), and periodic vendor reviews
• Continuously improve the organization’s third-party risk management framework, integrating best practices and adapting to evolving risks and regulations.
• Ensure all third-party risk management processes align with relevant regulatory requirements (e.g., GDPR) and industry standards
• Prepare and present risk reports, including risk mitigation strategies and findings from ongoing monitoring activities to senior management and relevant stakeholders.
• Other duties as assigned by the CISO.

Requirements
Here’s what we are looking for:

• International Association of Privacy Professionals (IAPP) certification is preferred.
• Strong understanding of data protection laws and regulations, such as GDPR, NDPA, and other privacy regulations/legislations in Africa.
• Excellent communication and interpersonal skills.
• You are exceptionally driven and autonomous.
• Strong analytical and problem-solving skills.
• Ability to exhibit high levels of professionalism, integrity, and ethical values at all times.
• Ability to plan and prioritize own work under tight deadlines, as well as to work on own initiative and as a member of a team.
• You are comfortable working in a fast-paced environment – because we are a startup, we need someone who can easily adapt and work quickly to achieve results.
• Finally, you are an out-of-the-box thinker and think of new ways to disrupt the status quo.

Application Closing Date
Not Specified.

How to Apply: Interested and qualified candidates should Click Here to apply online