Communication is our business!
unifonic provides solutions for better customer engagement through a cloud-based platform. We empower businesses to engage with their people through a variety of channels, making their communication conversational, more personalized, fun, meaningful, and with ease.
Our Approach: We are a team of missionaries that are passionate about learning, accountable to product success, have a deep understanding of our business context, and tangible empathy for our customers.
The Compliance Manager is a key stakeholder in the group’s compliance and is successfully collaborating across the Company’s various departments, assisting in driving forward the Company’s goals and initiatives. The Compliance Manager is managing and building the compliance team and compliance function for the business. The responsibilities of the Compliance Manager include but are not limited to:
- Guide the business on the applicability of cloud computing and data sovereignty-related regulations, as well as implement policies and strategies to comply with all such regulations.
- Guide the business on the applicability of telecommunications’ regulations, as well as implement policies and strategies to comply with all such regulations.
- Guide the business on sanctions regulations and applicability.
- Ensure compliance with Anti-Money Laundering and Anti-Bribery/Corruption regulations.
- Construct and implement the Data Protection Policy & Frameworks required, including all relevant policies and standards throughout the business.
- Install the relevant monitoring of compliance within the regulations, including GDPR, and Company policies and guidelines with respect to data protection.
- Provide recommendations on technical controls that support the protection of sensitive/PII throughout the data lifecycle.
- Review commercial agreements and contracts, including Data Processing agreements with data processors.
- Manage escalated queries from all parts of the business, bringing them to resolution by developing effective solutions.
- Continually develop, adapt and cascade a program of staff awareness training to achieve compliance and foster a culture of data privacy within the organization.
- Develop communications strategy, in line with corporate strategy to engage with the key stakeholders.
- Conduct risk assessments for high-risk processing in connection with GDPR requirements, including data security, security breach notifications, privacy by design, legitimate interest, purpose limitation, and fair processing.
- Represent the company in dealing with Data Protection Commission Officers, including complaints and data breach notifications.
- Track and maintain a log of all incidents, complaints, data breaches, and notifications, linking with the IS team to remedy with tangible solutions.
- Conduct GDPR Readiness assessments to assess information security measures with the support of the Operational Risk Management department and advice on remediation measures.
- Liaise regularly with DP authorities in each jurisdiction.
- Ensure full knowledge of any future changes to any part of the regulations, making remedial actions to continue compliance.
- Provide guidance for the IT Security activities in terms of procedures, policies, and management and reporting of incidents related to GDPR.
- Assist/support in legal proceedings as needed.
- Implement tools and processes necessary for the compliance function.
- Liaise with legal counsel internal and external.
- Monitor problematic situations.
- Help with process implementation and verification and participate in procedure updates.
- Take part in different projects under the supervision of the Director of Legal & Compliance.
- Research and evaluate different risk factors regarding business decisions and operations.
- Apply effective risk management techniques and offer proactive advice on possible legal issues.
- Liaise where necessary with governmental and regulatory agencies.
- Day-to-day management of the compliance team.
- Hands-on 8+ years of compliance-specific experience most of which must have been in the telecommunications sector.
- Proven experience in managing and building a team.
- Must be capable of drafting policies and procedures, reviewing, understanding, dissecting, and summarizing in a coherent manner contractual documents.
- Strong experience with data, data protection regulations, and cloud computing/data sovereignty regulations.
- Previous telecommunications or technology experience.
- Experience reviewing, drafting, and negotiating technology and/or telecommunications contracts.
- Ability to demonstrate experience building and maintaining complex compliance programs.
- Proven experience in building and executing a compliance plan, including information security, privacy, data protection, data hosting/sovereignty, and telecommunications compliance.
- Experience with and knowledge of GDPR, Soc II, and ISO 27001.
- Working experience with telecommunications and cloud computing regulations in Saudi Arabia is a strong plus.
- Fluent in English with excellent writing/editing and verbal communication skills, Arabic is a strong plus.