Tadawul
Data Protection Senior Lead Specialist
- Permanent
- Riyadh, Saudi Arabia
- Experience 5 - 10 yrs
Job expiry date: 26/02/2026
Job overview
Date posted
12/01/2026
Location
Riyadh, Saudi Arabia
Salary
SAR 20,000 - 30,000 per month
Compensation
Comprehensive package
Experience
5 - 10 yrs
Seniority
Senior & Lead
Qualification
Bachelors degree
Expiration date
26/02/2026
Job description
The Data Protection Senior Lead Specialist role is responsible for the development, implementation, oversight, and continuous improvement of the organizationās Data Protection and Privacy framework in Riyadh, Saudi Arabia. The position leads the design and execution of Data Protection policies, standards, and core program components, including processes, tools, templates, guidance materials, privacy notices, and control frameworks used by business lines to ensure compliance. The role defines protection risk assessment requirements, performs second-line risk-based monitoring, and enforces protection and privacy controls to ensure alignment with applicable regulatory requirements. It coordinates with business units, project teams, legal teams, and the data office within the regulatory body to deliver consent management, data governance, data protection principles, and data breach notification capabilities. The role reviews personal data inventories, oversees Data Protection Impact Assessments (DPIAs), develops and maintains DPIA methodologies and qualifiers, and ensures appropriate confidentiality consents, authorization forms, and information notices are in place. The Senior Lead Specialist liaises with supervisory authorities and regulators on data protection matters, reports protection program performance to management and committees, assesses protection maturity, and develops roadmaps to achieve target maturity states. The role also supports departmental operations, reporting, continuous improvement initiatives, policy adherence promotion, and acts as a backup to the Head of Department when required.
Required skills
Key responsibilities
- Develop and implement Data Protection policies, standards, and governance frameworks across the organization
- Support oversight of the development and implementation of the Privacy Framework, Policy, and Standards
- Design and maintain core Data Protection program components including processes, tools, templates, guidance, and privacy notices
- Define protection risk assessment requirements and perform second-line risk-based monitoring and enforcement of privacy controls
- Execute Data Protection programs and coordinate with business units and project teams to implement applicable protection requirements
- Deliver and implement competency-based training and awareness programs related to data protection policies and standards
- Maintain best-in-class data protection capabilities including consent management, data governance, protection principles, and data breach notification
- Ensure ongoing compliance with applicable data protection and privacy regulatory requirements
- Review personal data inventories and Data Protection Impact Assessment (DPIA) results across the organization
- Develop, maintain, and enhance DPIA methodologies and assessment qualifiers
- Collaborate with legal teams to maintain appropriate confidentiality consents, authorization forms, and information notices
- Identify and address organizational challenges related to data management and personal data protection
- Report Data Protection program performance to management and relevant governance committees
- Liaise with supervisory authorities and regulators on data protection and privacy-related matters
- Assess current data protection maturity levels and develop roadmaps to achieve target protection states
- Support the Head of Department and act as backup when required
- Carry out daily departmental operations in compliance with company standards, policies, and procedures
- Prepare accurate and timely departmental reports and promote continuous process improvement initiatives
Experience & skills
- Hold a Bachelor degree in Computer Science, IT Engineering, or equivalent, preferably with postgraduate qualifications
- Possess a minimum of 6 years of experience in data protection, privacy, or a related field
- Demonstrate expertise in data protection policies, privacy frameworks, DPIA, consent management, and regulatory compliance
- Have experience performing risk assessments, monitoring privacy controls, and liaising with regulators