Data Privacy Specialist

Role Overview

We are seeking a skilled and detail-oriented

Data Privacy Specialist

to join our client’s compliance and cybersecurity team in

Riyadh, Saudi Arabia . This role is critical to ensuring that all personal data processing activities comply with the applicable data protection laws and standards, particularly those enforced by

SAMA ,

NCA , and the

Personal Data Protection Law (PDPL)

in Saudi Arabia.

The ideal candidate has hands-on experience in implementing privacy frameworks, conducting privacy impact assessments, and collaborating with cross-functional teams to embed privacy by design principles across systems and processes.

Roles and Responsibilities

Develop, implement, and maintain a comprehensive

Data Privacy Program

in alignment with

SAMA ,

NCA ECC , and

PDPL

requirements.

Conduct

Privacy Impact Assessments (PIAs)

and

Data Protection Impact Assessments (DPIAs)

for new projects, systems, and services.

Serve as the point of contact for

data subject rights (DSR) , including access, correction, deletion, and consent management.

Collaborate with cybersecurity, legal, IT, HR, and compliance teams to embed

privacy by design

and

privacy by default

principles.

Maintain and update records of processing activities (ROPAs) as required by law.

Monitor data flows and cross-border transfers to ensure regulatory compliance.

Provide input during vendor onboarding to assess third-party data protection risk and ensure data processing agreements (DPAs) are in place.

Develop privacy training, awareness sessions, and communication campaigns for internal stakeholders.

Stay current with evolving

KSA privacy regulations , global privacy standards (e.g., GDPR), and emerging privacy risks.

Support audit readiness and regulatory interactions, including responses to inquiries or investigations by

SAMA, NCA , or

Saudi Data & AI Authority (SDAIA) .

Requirements

Technical & Professional Skills

8 to 10 years of professional experience in

data privacy ,

information governance , or

cybersecurity compliance , preferably in

financial.

KSA PDPL ,

SAMA Cybersecurity Framework , and

NCA ECC

Global standards such as

GDPR ,

ISO / IEC 27701 , and

NIST Privacy Framework

Privacy tools and technologies for consent management, data classification, and data mapping

Strong experience conducting PIAs, managing DSARs, and advising on legal and technical data protection requirements.

Familiarity with

data loss prevention (DLP) ,

data governance ,

cloud privacy , and

third-party risk management .

Preferred Certifications

CIPT / CIPP / E / CIPP / M / CIPM

– (IAPP Certifications)

ISO / IEC 27701 Lead Implementer / Auditor

SAMA / NCA Compliance Training / Certifications

CISA / CISSP / CISM

– (a plus for hybrid privacy-security roles)

Personal Attributes

Ethical, discreet, and highly organized with a strong sense of confidentiality and integrity.

Proactive communicator with excellent interpersonal and stakeholder management skills.

Independent, reliable, and able to manage complex regulatory requirements with minimal oversight.

Immediate availability preferred.

Willingness to work onsite in Riyadh, Saudi Arabia.

#DataPrivacy #PrivacyJobs #CyberSecurity #PDPL #SAMA #NCA #SaudiArabiaJobs #RiyadhJobs #InformationGovernance #CIPP #CIPM #GDPR #ISO27701 #CISSP #CyberCompliance #KSAJobs #MiddleEastJobs #DataProtectionOfficer #PrivacyByDesign #PrivacyCompliance #HiringNow #ImmediateJoiners #DataProtectionLaw #NAZZTEC #SecurityAndPrivacy #CyberLaw #DataGovernance #PrivacyFramework #RiskAndCompliance