Data Protection Officer
Be #InGoodHands with Metrobank!
Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach!
Position Title: Data Protection Officer
Job Summary:
- The DPO should monitor and ensure the Bank’s compliance to all data privacy laws and rules, especially R.A. 10173, otherwise known as “The Data Privacy Act of 2012” (DPA) and its Implementing Rules and Regulations, and issuances by the National Privacy Commission (NPC).
- Represents the Bank in all issues, disputes, cases and claims directly or indirectly related to data privacy before the NPC or any government agencies, courts or tribunals.
- Provides professional analysis and opinion on data privacy matters that affect the Bank and its data subjects. Develops and recommends policies and positions on both legal and data privacy issues.
Role Exposure:
1. Collects information to identify the processing operations, activities, measures, projects, programs, or systems of the Bank, and maintain a record thereof;
2. Analyze and check the compliance of processing activities, including the issuance of security clearances to and compliance by third-party service providers;
3. Ascertain renewal of accreditations or certifications necessary to maintain the required standards in personal data processing;
4. Advice the Bank as regards the necessity of executing a Data Sharing Agreement with third parties, and ensure its compliance with the law;
5. Ensure the conduct of Privacy Impact Assessments relative to activities, measures, projects, programs, or systems of the Bank;
6. Advice the Bank regarding complaints and/or the exercise by data subjects of their rights (e.g., requests for information, clarifications, rectification or deletion of personal data);
7. Ensure proper data breach and security incident management by the Bank, including the latter’s preparation and submission to the NPC of reports and other documentation concerning security incidents or data breaches within the prescribed period;
8. Inform and cultivate awareness on privacy and data protection within the Bank, including all relevant laws, rules and regulations and issuances of the NPC;
9. Advocate for the development, review and/or revision of policies, guidelines, projects and/or programs of the Bank relating to privacy and data protection, by adopting a privacy by design approach;
10. Serve as the contact person of the Bank vis-à-vis data subjects, the NPC and other authorities in all matters concerning data privacy or security issues or concerns and the Bank;
11. Cooperate, coordinate and seek advice of the NPC regarding matters concerning data privacy and security; and
12. Perform other duties and tasks that may be assigned by the Bank that will further the interest of data privacy and security and uphold the rights of the data subjects.
The DPO must have due regard for the risks associated with the processing operations of the Bank, considering the nature, scope, context and purposes of processing. Accordingly, he or she must prioritize his or her activities and focus his or her efforts on issues that present higher data protection risks.
Qualifications:
- Must be a Professional Lawyer
- Bachelor’s Degree in Juris Doctor, Law or equivalent
- Experience on reporting to regulatory bodies such as the NPC, BSP, or SEC required from banking industries
Other Details:
Rank: Senior Officer
Unit: Financial & Control Sector / Legal and Remedial Services Group / Data Privacy Department
Location: The Shops Grand Central Park, Taguig, BGC