Head of GDPR Compliance - Audit & Asset Protection - UAE

Apply now Job no: 552711
Location: UAE
Dubai Head Office

Role Profile:

A dynamic, self-motivated and forward-thinking individual who can work independently and lead a team of professionals that are focused on controlling, managing and enforcing the relevant security protocols related to GDPR compliance and data protection throughout all relevant impacted areas of the Alshaya business.


The below Key Performance Areas include but are not limited to:

  • Construct and implement the Data Protection Policy & Frameworks required, including all relevant policies and standards throughout the business
  • Install the relevant monitoring of compliance within the regulations, including GDPR, and Company policies and guidelines with respect to data protection
  • Provide recommendations on technical controls that support protection of sensitive/PII throughout data lifecycle.
  • Review commercial agreements and contracts, including Data Processing agreements with data processors
  • Manage escalated queries from all parts of the business, bringing them to resolution by developing effective solutions
  • Continually develop, adapt and cascade a programme of staff awareness training to achieve compliance and foster a culture of data privacy within the organisation
  • Develop communications strategy, in line with corporate strategy to engage with the key stakeholders
  • Conduct risk assessments for high-risk processing in connection with GDPR requirements, including data security, security breach notifications, privacy by design, legitimate interest, purpose limitation and fair processing;
  • Represent the company in dealing with Data Protection Commission Officers, including complaints and data breach notifications;
  • Track and maintain a log of all incidents, complaints, data breaches and notifications, linking with the IS team to remedy with tangible solutions;
  • Conduct GDPR Readiness assessments, assess information security measures with the support of the Operational Risk Management department and advice on remediation measures;
  • Liaise regularly with DP authorities in each jurisdiction
  • Ensure full knowledge of any future changes to any part of the regulations, making remedial actions to continue compliance
  • Provide guidance for the IT Security activities in terms of procedures, policies, and management and reporting of incidents related to GDPR
  • Assist/support in legal proceedings as needed





Expert knowledge of Data Protection Laws and regulations, including updates and amendments.

Previous roll out and project management knowledge required.

Strong understanding of ICT Security.

Proven expert knowledge of data protection technologies and enterprise scale deployment.


Minimum 3-5 years’ experience in the domain of data privacy / protection and actively contributed to GDPR Implementation projects


Results oriented.

Relevant certifications an asset, such as Certified Information Privacy Professional (CIPP/US or CIPP/E, or equivalent), Certified Information Privacy Manager (CIPM), Certified Information Systems Security Professional (CISSP) OR Certified Information Security Manager (CISM).

Relevant certifications an asset, such as Certified Information Privacy Professional (CIPP/US or CIPP/E, or equivalent), Certified Information Privacy Manager (CIPM), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).

Quality & Service minded

Conceptual and analytical problem solver

Must have good people skills and the ability to interact and communicate effectively, orally and in  writing, across all levels.

About Us:

Alshaya Group is a dynamic family-owned enterprise, first established in Kuwait in 1890. With a consistent record of growth and innovation, Alshaya Group is one of the world’s leading brand franchise operators, offering an unparalleled choice of well-loved international brands to customers.

Alshaya Group’s portfolio extends across MENA, Russia, Turkey and Europe, with thousands of stores, cafes, restaurants and leisure destinations, as well as a growing online and digital business.

Operating in multiple sectors including Fashion, Food, Health & Beauty, Pharmacy, Home Furnishings and Leisure & Entertainment, Alshaya Group colleagues are united by a commitment to authentically deliver great customer service and brand experiences.

Fresh, modern and relevant, Alshaya’s constantly evolving portfolio reflects the choices and lifestyle of its customers. From flagship stores and restaurants in prestige malls, through to local coffee shops, drive-thrus and online, Alshaya Group brings customers the brands they love in the places they want to be. Brands such as Starbucks, H&M, Mothercare, Debenhams, American Eagle Outfitters, P.F. Chang’s, The Cheesecake Factory, The Body Shop, M.A.C, Victoria’s Secret, Boots, Pottery Barn and KidZania.

Advertised: Arabian Standard Time
Application close: Arabian Standard Time

Back to search results Apply now Refer a friend

Share this:

| More