We are seeking a Data Privacy Officer (DPO) responsible for ensuring the Bank’s compliance with GDPR and local data protection regulations, including the Jordan Data Protection Law (DPL). This role oversees how personal data is collected, processed, stored, and shared, while supporting all departments in implementing privacy requirements through effective controls, documentation, monitoring, and reporting.
Key Responsibilities:
• Ensure adherence to GDPR principles, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality
• Review customer and employee data processing activities to ensure regulatory compliance
• Maintain and regularly update the Record of Processing Activities (RoPA) across all departments, ensuring documentation covers purpose of processing, categories of personal data, data retention periods, legal basis for processing, third-party data sharing, and technical and organizational security controls
• Support departments in conducting Data Protection Impact Assessments (DPIAs) for new systems, products, or projects, identifying privacy risks and recommending mitigating controls
• Support data breach investigations in coordination with IT and Cybersecurity teams, ensure breach records are properly maintained, and facilitate regulatory reporting of significant breaches within required timelines
• Collaborate with IT Governance and Information Security to ensure role-based access controls, encryption of sensitive data, secure data transfer mechanisms, data retention and secure deletion processes, vendor assessments with data protection requirements, and effective logging and monitoring
Core Knowledge & Technical Competencies:
• Knowledge of GDPR and Jordan Data Protection Law (DPL)
• Ability to conduct technical Data Protection Impact Assessments (DPIAs) and define required technical controls
• Experience assessing the implementation of technical controls across technology infrastructure
• Understanding of IT and Cybersecurity domains, including networking, cloud security, databases, access control and LDAP, encryption and pseudonymization, data flow analysis, risk assessment and treatment, third-party risk management, and cybersecurity monitoring
Minimum Requirements:
• Bachelor’s degree in Business Administration, Information Technology, or a related field
• Minimum 2 years of experience in Compliance, IT Governance, Risk Management, or Data Privacy
• Understanding of GDPR requirements and information security principles
Required Skills:
• Strong documentation and follow-up capabilities
• Good understanding of personal data handling and privacy controls
• Ability to collaborate effectively with IT and business stakeholders
• Strong communication skills in Arabic and English
• High attention to detail and accuracy
If you are detail-oriented, collaborative, and passionate about data privacy and regulatory compliance, we invite you to apply and be part of a team committed to protecting information and strengthening trust.
We are an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, national origin, or disability status.