Data Protection Officer – Orange Botswana

Compliance Officer

Reporting to the Director, Legal and Regulatory Affairs, the successful incumbent will be responsible for overseeing the organization’s data protection strategy and its implementation to ensure compliance with applicable data protection regulations, including the Data Protection Act of Botswana (2024) and other relevant international standards. The DPO will act as the main point of contact for data subjects, supervisory authorities and internal stakeholders on all issues related to data privacy and protection.

The main duties include but are not limited to:

Data Protection Compliance

• Develop and maintain data protection policies and procedures to ensure compliance with data protection regulations.
• Monitor compliance with data protection laws and organizational policies, including managing internal data protection activities, raising awareness, and providing training to staff.

Risk Management and Auditing

• Conduct regular assessments and audits to identify potential data protection issues and ensure compliance.
• Work with the risk management team to conduct data protection impact assessments and manage any potential risks to personal data.
• Develop and implement plans to mitigate identified data protection risks.

Data Subject Rights and Requests

• Act as the primary point of contact for data subjects regarding data protection issues, including requests to access or delete personal data.
• Data Breach Management
• Develop and maintain an incident response plan to handle potential data breaches.
• Lead investigations into data breaches and notify relevant authorities and data subjects as required by law.

Advisory Role

• Provide expert advice to the organization on data protection matters, including contract negotiations, third-party agreements, and data processing activities.

Liaison with Supervisory Authorities

• Serve as the organization’s contact point with data protection authorities.
• Coordinate responses to inquiries from data protection authorities and ensure proper documentation and record-keeping.

Skills:

• Strong knowledge of data protection laws and practices.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain complex data protection concepts to non-specialists.
• High ethical standards and a commitment to maintaining confidentiality and integrity.

Qualifications and Experience:

• Bachelor’s degree in Law, Information Security, Compliance, Business Administration or a related field.
• A Master’s Degree would be an added advantage.
• Professional certifications in Risk, Compliance & Data Protection and Privacy are
• highly desirable.
• Minimum of 5 years of experience in data protection, privacy, compliance, or a related field.
• Membership of International Association of Privacy Professionals (IAPP) is preferred.
• Proven track record of working with data protection laws and regulations, including GDPR and other relevant privacy laws.

Interested candidates who meet the minimum requirements can submit their applications, updated CV and certified copies of their academic certificates to: [email protected]

The subject window on email should only contain the title of the position being applied for.

Closing Date: 28 April 2025

Only selected candidates will be contacted for interview