Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
Reporting to the Head, Enterprise Data Governance, the Senior Data Privacy Operations Manager will be responsible for the end-to-end governance of data privacy and protection within the organization, day-to-day operational aspects of data privacy, including handling data subject requests, managing privacy impact assessments and supporting incident response. The candidate will be instrumental in shaping a privacy-first culture and driving initiatives across the business while safeguarding sensitive data assets.ROLE DUTIES & RESPONSIBILITIES:
Data Subject Rights Management
- Lead, coordinate and ensure timely response to privacy enquiries and complaints from various sources
Privacy Impact Assessment (PIA) and Third-Party Assessments
- Oversee, coordinate and perform PIA for new and existing projects, products and services
- Perform annual PIA certification exercise to ensure that all PIA is kept up to date and reviewed on a regular basis
- Participate in governance forums on third parties and be accountable for ongoing assessments
- Prepare responses on questionnaires from external parties for privacy assessment
Data Breach Incident Management
- Lead the investigation, documentation, and containment of privacy incidents and data breaches, ensuring all remediation steps are executed promptly.
- Manage notification processes for affected parties and regulatory authorities
- Attend and collate information on tech and non-tech privacy incidents for assessment by L2
- Lodging/reporting of data breach to Group Privacy
Gap Assessments
- Perform gap assessment on regulatory changes
- Lead and work with stakeholders on identified gaps
Risk Control Self-Assessment
- Perform Privacy RCSA and scenario analysis as 1st line owner
Training and Awareness
- Formulate and maintain privacy training materials to staff and agents
- Work with relevant stakeholders to ensure smooth implementation and completion of privacy training
- Prepare and circulate privacy awareness materials
Audits
- Lead, coordinate and facilitate privacy related audit
- Ensure timeliness in submission of RFIs and closure of audit items
Reporting
- Be responsible to prepare and submit privacy related metrics to various stakeholders
Privacy Champion Programme
- Drive and execute privacy champion programme within the company
Other Matters
- Champion privacy-by-design and privacy-by-default methodologies in new systems, processes, and customer journeys.
- Monitor changing regulatory landscapes and interpret how new laws and guidelines impact company operations and policies.
- Drive continuous improvement initiatives to enhance privacy controls and the overall data protection framework.
- Work closely with L2 data privacy team to ensure compliance with local privacy law (i.e. PDPA) and Group Privacy Policy
- Drive and coordinate privacy solution implementation within company
- Stay up-to-date on evolving privacy regulations, conduct regulatory gap analysis, and provide guidance to the organization on adapting to new requirements
- Work closely with manager to achieve team and company objectives, including completing assigned tasks
WHO WE LOOKING FOR:
Competencies & Personal Traits
- Driven and Self-initiated individual
- Strong stakeholder management
- Strong communication skills, ability to storyline and engage in focused discussions
- When empowered, not afraid to make decisions
- Operates effectively even when things are not completely certain
Working Experience
- 5-7 years’ experience in data privacy, or technology risk management and compliance, or related field
Professional Qualifications and Technical Knowledge
- Strong expertise in local data privacy regulations, ideally with relevant privacy-related certifications (e.g. Practitioner Certificate in Personal Data Protection (Singapore), CIPM, CIPP/A)
- Experience in working in a diverse organisation and across front to back business processes
Education
- Degree holder of any business/ financial related discipline
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.
