Job Description
Contract Type: 3 Years Fixed-Term Contract
Duty Station: Gaborone, Botswana
Main Purpose of the Job
To maintain effective data protection policies, procedures and practices that mitigate the risks associated with handling personal data of various stakeholders. The Data Protection Manager will serve as the primary point of contact for all data protection matters within the institution and will be responsible for ensuring compliance with data protection laws and regulations, including Botswana’s Data Protection Act.
Key Performance Areas
- Develop, review and implement data protection policies, standards and procedures.
- Ensure the institution develops and implements robust technical and organizational safeguards to protect personal data against breaches, ensuring compliance with the security obligations outlined in the Data Protection Act. Such measures include automation with encryption, authentication, pseudonymization and others.
- Inform and advise the institution, including its employees, of their obligations under the Data Protection Act.
- Conduct regular audits and risk assessments to ensure compliance and effectiveness of internal controls in line with organizational methodologies.
- Lead investigations into data breaches or suspected breaches and produce reports on findings and implement corrective measures to prevent recurrence.
- Deliver training and awareness programmes for staff on data protection principles and responsibilities.
- Maintain a comprehensive record of data processing activities conducted by the College.
- Handle and respond to data subject requests within the required timeframes, ensuring proper verification and authentication procedures are followed.
- Serve as the point of contact for data subjects (e.g. students, staff and alumni) regarding their data rights (e.g. access, correction and deletion).
- Act as the primary liaison between the institution and the Information and Data Protection Commission.
Competencies and Skills Required
- Integrity
- Confidentiality
- Communication
- Leading Change
- Attention to Detail
- Analytical and Problem Solving
- Decision-Making and Judgement
- Results Focus and Commitment
- Decisiveness and Assertiveness
- Negotiation, Networking and Relationship Building
Experience and Qualifications
- Master’s Degree in Law, Data Science, Enterprise Risk Management, Information Management or a related field from a reputable institution.
- Professional certification in Data Protection and/or Privacy such as CIPP (Certified Information Privacy Professional), CIPM (Certified Information Privacy Manager), CDPO (Certified Data Protection Officer) or equivalent is required.
- Certificate in Enterprise Risk Management (if not already included in the Master’s qualification).
- Knowledge of IT systems and data governance.
- Knowledge of artificial intelligence technologies will be an added advantage.
Application Procedure
Applications accompanied by a cover letter, curriculum vitae, certified copies of ID and academic certificates should be emailed to:
Please state the position being applied for as the subject of the email.
Application Deadline: Friday, 10 July 2026 at 17:00 hrs.
Applications Should Be Addressed To
Head of Human Resources
Botswana School of Business Sciences
P/Bag 00319
Gaborone, Botswana
Note: Botswana School of Business Sciences will only correspond with shortlisted candidates.

