Senior Compliance Officer
Communication is our business!
unifonic provides solutions for better customer engagement through a cloud-based platform. We empower businesses to engage with their people through a variety of channels, making their communication conversational, more personalized, fun, meaningful, and with ease.
Our Approach: We are a team of missionaries that are passionate about learning, accountable to product success, have a deep understanding of our business context, and tangible empathy for our customers.
Senior Compliance Officer
The Senior Compliance Officer is a key stakeholder in the group's compliance, and successfully collaborating across the Company's various departments, assisting in driving forward the Company's goals and initiatives. The Senior Compliance Officer is liaising where necessary with governmental and regulatory agencies. The responsibilities of the Senior Compliance Officer include but are not limited to:
- Guide the business on the applicability of cloud computing and data sovereignty related regulations, as well as implement policies and strategy to comply with all such regulations.
- Guide the business on the applicability of telecommunications' regulations, as well as implement policies and strategy to comply with all such regulations.
- Guide the business on sanctions regulations and applicability.
- Ensure compliance with Anti-Money Laundering and Anti-Bribery/Corruption regulations.
- Construct and implement the Data Protection Policy & Frameworks required, including all relevant policies and standards throughout the business.
- Install the relevant monitoring of compliance within the regulations, including GDPR, and Company policies and guidelines with respect to data protection.
- Provide recommendations on technical controls that support protection of sensitive/PII throughout data lifecycle.
- Review commercial agreements and contracts, including Data Processing agreements with data processors.
- Manage escalated queries from all parts of the business, bringing them to resolution by developing effective solutions.
- Continually develop, adapt and cascade a program of staff awareness training to achieve compliance and foster a culture of data privacy within the organization.
- Develop communications strategy, in line with corporate strategy to engage with the key stakeholders.
- Conduct risk assessments for high-risk processing in connection with GDPR requirements, including data security, security breach notifications, privacy by design, legitimate interest, purpose limitation and fair processing.
- Represent the company in dealing with Data Protection Commission Officers, including complaints and data breach notifications.
- Track and maintain a log of all incidents, complaints, data breaches and notifications, linking with the IS team to remedy with tangible solutions.
- Conduct GDPR Readiness assessments, assess information security measures with the support of the Operational Risk Management department and advice on remediation measures.
- Liaise regularly with DP authorities in each jurisdiction.
- Ensure full knowledge of any future changes to any part of the regulations, making remedial actions to continue compliance.
- Provide guidance for the IT Security activities in terms of procedures, policies, and management and reporting of incidents related to GDPR.
- Assist/support in legal proceedings as needed.
- Implement tools and processes necessary for the compliance function.
- Liaise with legal counsel internal and external.
- Monitor problematic situations.
- Help with process implementation and verification and participate in procedure updates.
- Take part in different projects under the supervision of the Director of Legal & Compliance.
- Research and evaluate different risk factors regarding business decisions and operations.
- Apply effective risk management techniques and offer proactive advice on possible legal issues.
- Hands-on 5+ years of compliance specific experience most of which must have been in the telecommunications sector.
- Must be capable of drafting policies and procedures, reviewing, understanding, dissecting and summarizing in a coherent manner contractual documents.
- Strong experience with data, data protection regulations, and cloud computing/data sovereignty regulations.
- Previous telecommunications or technology experience.
- Experience reviewing, drafting and negotiating technology and/or telecommunications contracts.
- Ability to demonstrate experience building and maintaining complex compliance programs.
- Proven experience in building and executing a compliance plan, including information security, privacy, data protection, data hosting/sovereignty, and telecommunications compliance.
- Experience with and knowledge of GDPR, Soc II, and ISO 27001.
- Working experience with telecommunications and cloud computing regulations in Saudi Arabia is a strong plus.
- Fluent in English with excellent writing/editing and verbal communication skills, Arabic is a strong plus.