13 Data Privacy jobs in South Africa

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

The Data Privacy Specialist - IT reporting into the global Data Privacy Corporate Implementation Services lead will be responsible for supporting the effective implementation and oversight of the Data Privacy program within the IT function globally. The Data Privacy Specialist - IT will work closely with stakeholders within the IT function to ensure that appropriate controls, across people, process and technology, are put in place to support compliance with data protection laws and regulations, industry standards and NTT DATA, Inc.'s global Data Privacy policies

Key Roles and Responsibilities

• Implementation of NTT DATA Inc.'s Data Privacy policies, processes, and standards within the IT function
• Implementation of Data Privacy strategic projects within the IT function globally
• Provide Data Privacy guidance on all operational and business as usual activities involving personal data within the IT function
• Support the IT function and provide input in the documentation of its record of processing and associated data flows and cross-border data transfers relating to the introduction or change in the way the organization processes personal data.
• Project manage the Data Privacy requirements of new initiatives, transformation projects and business as usual projects in the IT function globally
• Provide input and ensure the completion of Data Protection Impact Assessments and other Data Privacy assessments to assess the impact of new processing activities and business changes involving personal data
• Document and assess Data Privacy risks in the IT function and develop strategies to manage or mitigate them
• Monitor and report on the implementation and effectiveness of Data Privacy controls across the IT function
• Coordinate and support the response to data subject requests in accordance with applicable data protection laws and regulations and company Data Privacy policies and processes
• Coordinate and support in the investigation, response, resolution, notification, and closure of personal data breaches and other Data privacy Incidents in accordance with applicable data protection laws and regulations and company Data Privacy policies and processes
• Support IT in the vendor engagement process by ensuring Data Privacy assessments are completed, Data Processing Agreements (or equivalents) are in place and controls implemented for all new and existing vendors
• Document and implement a Data Privacy playbook specific to IT practices to provide guidance on Data Privacy requirements and controls
• Provide Data Privacy training and awareness specific to IT practices
• Monitor developments in global data protections laws and regulations, understanding the impact for NTT DATA, Inc. and the IT function and put in place appropriate mechanisms to support compliance
• Maintain your technical expertise by keeping abreast of developments in data privacy, participating in industry forums and undertaking continual training and development

Knowledge, Skills and Attributes

• Demonstrates accuracy and thoroughness and high levels of attention to detail
• Demonstrates strong analytical skills, including the ability to assess risk and impact from a data privacy and protection perspective
• Demonstrates a pragmatic and risk-based approach to data privacy
• Excellent leadership, creativity, presentation, writing and collaboration skills
• Excellent written and verbal communication skills (including leadership and no-leadership) and negotiation skills
• Ability to thrive under pressure, function and deliver effectively in a fast-paced environment
• Ability to work well independently and productively with minimal supervision
• Proactive in approach with high levels of motivation, being a self-starter with good planning and organizing skills
• Ability to work well in a team environment
• Demonstrates strong stakeholder engagement skills coupled with the ability to conduct presentations to both technical and non-technical stakeholders
• Positive role model, demonstrating the ability to coach, inspire and mentor others
• Strong critical thinking and decision-making skills
• Strong organizational and project management skills, including the ability to manage competing tasks and prioritize effectively
• Experience managing complex projects and working alongside cross-functional teams
• Deep knowledge of global data protection laws and regulations
• Operates with a high degree of integrity

Academic Qualifications And Certifications

• Bachelor's degree
• CIPT, CIPP, CIPM (Preferred)

Required Experience

• +5 years' experience in Data Privacy or related fields
• Experience in implementing Data Privacy programs and controls in IT functions in multi-national organizations
• Understanding of IT processes and frameworks
• Relevant degree and/or Data Privacy certifications and qualifications (e.g. CIPT)
• Experience in advising on complex data protection matters with practical advice
• Experience in risk management activities and practices (preferred)
• Experience in working with or advising large, multinational organizations
• Experience in working on compliance projects
• Experience in telecommunications, technology and/or professional services (preferred)
• Experience with One Trust, 6clicks (preferred)

What will make you a good fit for the role?

• Passionate about Data Privacy and up to date with the latest developments in Data Privacy globally
• Able to communicate effectively with internal and external parties at all levels
• Comfortable and proficient working in a role that interfaces with multiple cultures and time zones
• Analytical mind, initiative and able to work independently
• Excellent in time management and able to manage competing priorities
• Able to work under pressure
• Willing to travel locally or overseas

Workplace type:
Hybrid Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Who are we?

Sanlam Fintech is a newly established digital first business within the Sanlam Group on a mission to democratize financial advice and solutions for everyone across the African continent. We exist to pioneer inclusive financial confidence helping people build strong foundations to bridge the gap in generational wealth. Our culture us that of agility and constant deployment, we believe in learning fast, learning cheap and learning forward. Our aim is to provide a work environment where knowledge workers can accelerate the development of their ideas and bring innovation to market, at the same time provide compelling career and development proposition that will enable them to realize their dreams.

About the role

Join Sanlam Fintech and help shape the future of data privacy in one of Africa's most exciting digital transformation stories.

We're not just protecting data, we're enabling financial inclusion at scale. Sanlam Fintech is democratising financial services across Africa through AI-powered, digital-first solutions that reach millions of previously excluded consumers. As our Data Privacy Governance Officer, you'll be at the intersection of innovation and compliance, ensuring we grow responsibly while breaking new ground in partnerships with banks, media companies and beyond.

This isn't a box-ticking compliance role. This is about building privacy into our DNA as we scale across Africa, leverage AI responsibly, and navigate complex multi-partner ecosystems. If you're excited about solving privacy challenges that don't have a playbook yet, keep reading.

What will you do?

Build Privacy into Everything We Do:

• Design and embed privacy-by-design principles into new products, services and partnerships from day one
• Conduct Privacy Impact Assessments (PIAs) to identify and mitigate risks before they become problems
• Draft and review Data Sharing and Usage Agreements (DSUAs) that enable business innovation while staying compliant

Be the Privacy Guardian Across the Ecosystem:

• Ensure privacy governance structures are effective across all SFT business units and partner organizations
• Manage the end-to-end data breach response process - detection, reporting, and remediation
• Investigate and respond to PAIA requests and data privacy complaints
• Manage correspondence with the Information Regulator on behalf of the Cluster Information Officer

Drive Compliance and Assurance:

• Lead compliance assessments (self-assessments and maturity reviews) to ensure we meet regulatory requirements
• Partner with auditors and compliance functions to scope and execute monitoring programs
• Ensure all business units maintain up-to-date processing registers and data maps
• Turn audit findings into actionable improvements

Champion a Privacy-First Culture:

• Deliver engaging training sessions that make data privacy relevant and accessible for everyone
• Run simulated privacy incident exercises to keep teams sharp and prepared
• Launch and manage communications programs (monthly check-ins, quarterly forums, newsletters)
• Onboard and support Data Privacy Champions, Deputy Information Officers, and Information Officers across the cluster

Navigate Complex Regulatory Landscapes:

• Stay ahead of emerging AI governance and data privacy regulations
• Find innovative ways to enable data processing within regulatory constraints
• Support strategic objectives like cross-sell, upsell, and holistic client experiences - compliantly

What will make you successful in this role?

You're a Strategic Problem-Solver: You don't just spot compliance gaps - you find creative solutions that enable the business to achieve its goals while staying within regulatory boundaries. You understand that privacy and innovation aren't opposites; they're partners.

You're an Excellent Communicator: You can translate complex regulatory requirements into plain language that business stakeholders actually understand and act on. You can influence without authority and build genuine partnerships across teams.

You Think Like a Business Partner, Not a Blocker: You understand the business context and strategic objectives. You're there to enable, not prevent - finding the "how" when others see only obstacles.

You're Comfortable with Complexity: You can navigate a distributed operational environment with multiple legal entities, partners, and regulatory jurisdictions. You see the connections others miss and understand how data flows across boundaries.

You're Proactive and Resilient: Data breaches happen. Regulations change. Partners have different maturity levels. You stay calm under pressure, plan ahead, and continuously improve processes based on lessons learned.

You're a Culture Builder: You know that real privacy protection comes from people, not just policies. You're energised by the challenge of embedding privacy consciousness across an entire organisation through training, engagement, and leading by example.

What you'll need

Qualifications:

• Bachelor's degree in Information Technology, Law, MIS, Information Management, or related field
• Certifications such as CIPP (Certified Information Privacy Professional) or CIPM (Certified Information Privacy Manager) would be a significant advantage

Experience:

• 3-5 years in the financial services industry supporting or leading data privacy/regulatory programmes, processes, or practices
• OR experience in a compliance-related role with strong exposure to data privacy
• Experience working across multiple business units or in complex, matrixed environments is highly desirable

Skills & expertise

Essential Knowledge:

• Deep understanding of data privacy regulatory requirements impacting financial services (POPIA, PAIA, LTIA, PPR)
• Knowledge of privacy-by-design principles and Privacy Impact Assessment methodologies
• Understanding of data sharing frameworks and consent management
• Awareness of emerging AI governance and data privacy intersections

Technical Skills:

• Proficient with Microsoft Office suite (Word, Excel, PowerPoint, Teams)
• Analytical thinking - able to assess complex scenarios and identify privacy risks
• Project management - juggling multiple initiatives with competing priorities
• Problem-solving - finding pragmatic solutions to novel privacy challenges

Interpersonal Skills:

• Exceptional communication skills (written and verbal)
• Ability to influence and educate stakeholders at all levels
• Networking and relationship-building across organizational boundaries
• Training and facilitation skills

Personal Attributes

Decision quality - Contributing through others

Interpersonal savvy - Contributing through others

Optimises work processes - Contributing through others

Plans and aligns - Contributing through others

Build a successful career with us

We're all about building strong, lasting relationships with our employees. We know that you have hopes for your future – your career, your personal development and of achieving great things. We pride ourselves in helping our employees to realise their worth. Through its five business clusters – Sanlam Fintech, Sanlam Life and Savings, Sanlam Investment Group, Sanlam Allianz, Santam, as well as MiWay and the Group Office – the group provides many opportunities for growth and development.

Core Competencies

Being resilient - Contributing through others

Collaborates - Contributing through others

Cultivates innovation - Contributing through others

Customer focus - Contributing through others

Drives results - Contributing through others

Turnaround time

The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers.

Our commitment to transformation

The Sanlam Group is committed to achieving transformation and embraces diversity. This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa. The Group's Employment Equity plan and targets will be considered as part of the selection process.

an excellent opportunity for a Legal graduate with risk, data probscy snd compliance exposure - at least 2 years to work in the online digital space

• Bachelor's degree in Law
• Minimum 2 years' experience in Data Privacy, Compliance or Risk Managment
• Experience with Privacy management platforms
• Familiarity with global privacy laws (GDPR, POPIA, etc.)

Job Types: Full-time, Permanent

Work Location: In person

Call for Consultants: Join Genesis Analytics' Data Governance, Data Privacy, Cyber Security Database

The digital transformation sweeping across Africa and the Young World has the potential to unlock unprecedented growth. However, this has also highlighted the increasing importance of strong cybersecurity, responsible data governance, and robust data privacy.

Genesis Analytics is inviting expressions of interest from skilled independent consultants or consulting firms with experience in the SADC, EAC, and WAEMU regions (Particularly, Kenya, Tanzania, Uganda, Rwanda, Burundi, Ethiopia, Zambia, Democratic Republic of Congo, eSwatini, Malawi, Mozambique) to join as partners in working with Governments and Digital Public Infrastructure providers in these regions. We're seeking committed professionals to help us navigate the complexities of Data Governance, Privacy, Cyber Security and especially at the interactions of DPI and AI, DPI, ensuring that as frontier technologies continue to sweep across Africa, its citizens are safeguarded by a secure digital ecosystem.

Who We Are

Genesis partners with key actors to deliver urgent, lasting impact in critical areas. Genesis, an impact consultancy founded, incorporated, and headquartered in Africa, has worked in 52 African countries and more than 100 countries globally. Uniquely, Genesis is focused on the Young World – the arc of countries with young populations stretching across Africa, the Middle East, South Asia, and parts of Southeast Asia.

Centre of Digital Excellence (C0DE) practice at Genesis supports governments, development partners and private firms to harness technology to achieve their development objectives. Our work focuses on three areas:

•  Technology Governance and Ethics: We work with governments, industry partners, and civil society organisations to navigate complex regulatory environments, ensuring compliance and fostering trusted digital innovations and programmes. We identify and mitigate regulatory gaps and compliance challenges early; and engage as thought leaders with diverse stakeholders to build consensus on data governance.


•  Digital Public Infrastructure: We work with governments and their international partners to reshape service delivery, social protection, and data-driven policies through innovative digital public infrastructure (DPI) solutions, including data exchange, digital payments, and digital identity. Our team identifies opportunities, assesses readiness, and implements full-scale DPI programs tailored for developing contexts. C0DE excels in driving digital transformation and improving public services across Africa. We've led national DPI initiatives in South Africa, Malawi, and Mozambique, and dozens of digital transformation initiatives across Africa to address complex social challenges.


•  Artificial Intelligence: We assist clients in navigating the complexities of AI and AI policy to maximise its economic and social benefits while mitigating risks. We identify, assess, and clearly communicate these complexities. We help clients to craft interventions that promote the adoption of responsible AI to benefit the Young World. Genesis has an advanced analytics competency which has supported numerous clients in the development and implementation of analytical tools, all relying on the integration of disparate datasets.

What We’re Looking For

We're expanding our pool of external experts and are looking for consultants with experience in the SADC, EAC and WAEMU regions in the following key areas:

Cyber Security

• Nationwide cybersecurity assessments, including evaluation of existing legal frameworks and governance structures.


• Cyberspace maturity self-assessment tools and leveraging a robust assessment methodology to ensure accurate results.


• Managing cyber security  projects in SADC, EAC and WAEMU, demonstrating a thorough understanding of unique regional challenges.


• Technical expertise in assessing information systems, including infrastructure, software, and networks, with in-depth knowledge of cybersecurity threats and best practices.


• Collaborating with governments and stakeholders to assess and recommend improvements based on international cybersecurity standards and best practices.

 Data Governance

• Creating and implementing data governance frameworks for national-level government or their digital programs


• Navigating complex regulatory environments and identifying and mitigating regulatory gaps to ensure compliance for governments and industry partners.


• Designing and overseeing the implementation of data policies, data lifecycle management, and secure data exchange protocols.


• Engaging as thought leaders with diverse stakeholders to build consensus on data governance

 Data Privacy

• Data Protection Impact Assessments (DPIAs) and advising on compliance with evolving data regulations for digital initiatives.


• Developing and implementing privacy-by-design principles for new technologies, including AI and DPI to protect the data of African citizens.


• Assessing existing legal frameworks and crafting interventions


• Providing expertise on data protection laws and their application in the design and implementation of nationwide digital programs.

 We are looking for:

•     Independent consultants and technical advisors with a minimum of 5 years of experience.


•     Global, regional, and country-level experts with policy, research, or implementation experience.


•     Practitioners with deep local knowledge and regional presence in Africa.

We are particularly interested in professionals who are value-driven, collaborative, and comfortable navigating complexity . We also value those with tactical experience of government systems and practical delivery challenges, and who are passionate about supporting the dignity, agency, and economic inclusion of people in low-resource settings.

Why Work with Us?

• We are rooted in Africa, and our teams reflect the regions we serve.


•  Our projects span strategy, systems strengthening, service delivery, and digital innovation.


•  We work with leading institutions, including the UN, the World Bank, and the Bill & Melinda Gates Foundation.


•   We invest in long-term relationships with our consultants, with many becoming trusted collaborators across multiple projects.

How to Express Interest

To join our consultant database, please submit the following:

•  Your CV (maximum 3 pages preferred).


•  A short cover note (250 words maximum) highlighting your areas of expertise, relevant experience, geographical location, and countries of work.


•  Optionally, links or samples of past work (e.g., reports, publications, evaluations).

P lease Note: This call for expertise does not constitute an offer of employment and is solely an invitation for independent subject matter experts to sign up and collaborate as external service providers on specialized assignments.

Engineer: Data Protection

Reporting-Operations and Services Sales Manager

Main Job Purpose

The Engineer: Data Protection is responsible for implementing and supporting data protection solutions for Company clients and the Company internally.

This includes ensuring the security, integrity, and recoverability of digital assets by leveraging technologies such as, but not limited to Dell Data Protection, Veeam, Microsoft and Druva. The role also encompasses aligning solutions with business continuity and regulatory requirements, ensuring seamless data recovery and protection, and providing operational support for these systems.

Minimum Desired Qualifications

• Bachelor's Degree in Information Technology, Computer Science, Business Administration, or a related field.
• Certification in data protection or relevant tools (e.g., Veeam Certified Engineer, Druva, Dell Data Protection Specialist)
• Microsoft Certified: Information Protection and Compliance Administrator Associate will be an advantage.

Minimum Desired Experience

• 5+ years of experience in data protection and backup technologies.
• Proficiency in Dell Data Protection, Veeam, and Druva solutions.

Minimum Desired Competencies

• Strong understanding of data protection principles, disaster recovery, and compliance.
• Familiarity with HCI, VMware, and enterprise storage technologies.
• Strong analytical and troubleshooting skills.
• Excellent organisational and time-management abilities.
• Effective communication and collaboration skills.
• Attention to detail with a focus on accuracy and reliability.
• Proficiency in creating and enforcing data protection policies compliant with regulatory requirements.

LIST OF DUTIES AND RESPONSIBILITIES:

Design and Implementation

• Design and deploy data protection systems tailored to organizational needs.
• Implement solutions with a focus on MS Data Protection, Dell Data Protection, Veeam, and Druva.
• Provide recommendations for improving existing data protection infrastructure.

Operational Management

• Manage and monitor backup and recovery operations to ensure data availability.
• Troubleshoot and resolve backup issues promptly to minimize downtime.
• Regularly test recovery procedures to validate effectiveness.

Policy Development and Compliance

• Create and enforce data protection policies compliant with government and industry regulations.
• Ensure compliance with data retention policies and contractual obligations.

Performance and Optimisation

• Create and enforce data protection policies compliant with government and industry regulations.
• Ensure compliance with data retention policies and contractual obligations.

Collaboration and Training

• Work with account managers, infrastructure teams, and business units to identify data protection needs.
• Provide training and support to staff on backup and recovery solutions.
• Liaise with vendors for technical support and system upgrades.

Documentation and Reporting

• Create and enforce data protection policies compliant with government and industry regulations.
• Ensure compliance with data retention policies and contractual obligations.

NOTE

The above job profile identifies the key areas of responsibility of the position and is not all - encompassing description of duties and tasks. The job profile may be subject to review from time to time. The incumbent will be required to perform similar such duties and tasks in any area of Data Protection as may be designated by management from time to time. The incumbent will at all times be required to render the highest level of courtesy and service to the Company even where such service may fall beyond the main duties or scope of this position.

Who We Are:
Clinigen is a rapidly growing global specialty pharmaceutical services business with a unique combination of services across the pharmaceutical lifecycle. We currently have over 1,000 employees headquartered in the UK with global offices in the US, EU (Belgium, Germany, France), Asia Pacific and South Africa.

The Role:
Reporting to the Global Head of Compliance, the new Data Privacy Manager will play a central role within the Compliance team, supporting Clinigen at a global level to assist with driving the business strategy through high quality and timely data privacy support. The role will be a broad one and will require an experienced data privacy professional who can interact seamlessly with senior leaders and other employees within Clinigen, with the ability to work on projects autonomously through to completion.

Key Responsibilities:

• Mapping personal data processes and assessing compliance risks, as well as managing regulatory required records, such as records of processing, data protection impact assessments, transfer risk assessments and legitimate interest assessments.
• Drafting and inputting on policies, processes, privacy notices and contracts in relation to data protection compliance
• Liaising with business units and service teams (including Legal, Compliance, IT and Clinigen's externally appointed DPO) in relation to company compliance, policies and risks
• Managing data breaches, including client communications and reporting, within tight timescales.
• Managing and responding to data subject requests, including access and deletion requests, within the regulatory required timescales.
• Training the business on data privacy compliance and ensuring compliance with global data protection regulations

Requirements

• Educational Background: Possession of a Law Degree or another relevant degree is required
• Privacy Expertise: Strong knowledge and experience of global data privacy laws is essential
• Compliance Frameworks: Proven experience in developing and managing data privacy compliance frameworks
• Communication Skills: Fluent in English (business level), both written and spoken, with excellent communication and relationship-building abilities across all levels, including senior leadership
• Work Ethic: Self-motivated, well-organized, and proactive in driving work and projects forward
• Analytical Mindset: Logical, process-oriented, and detail-focused with a common-sense approach to decision-making
• Professional Confidence: Able to make well-balanced, informed decisions with confidence

Benefits

• Annual Leave - 20 days per year
• Sick Leave - 30 days (3 year cycle)
• Family Responsibility Leave - 3 days per year
• Company Medical Aid Contribution - R2 200 per month (Discovery, Medihelp or Momentum)
• Discretionary company bonus
• 13th Cheque in Dec (Prorated par start date)
• GroupLife (Disability Cover, Death Benefit and Funeral Cover)

Interested? We would love to hear from you, please apply today for consideration

Company Description

Diopoint is a major player in the ICT and electronic security services sector in Southern Africa. Operating in all provinces in South Africa with under 100 employees, Diopoint competes on the basis of its passion for providing quality products and services. The Diopoint Group is known for its successful ICT projects and commitment to excellence.

Role Description

This is a full-time on-site role located in the City of Johannesburg for a Data Protection Engineer. The Data Protection Engineer will be responsible for safeguarding sensitive data through effective data privacy, cybersecurity, network security, and information security practices. Daily tasks include monitoring and managing security infrastructure, conducting vulnerability assessments, implementing security protocols, and ensuring compliance with data protection regulations

Our client is looking a
Data Protection Specialist with CIPPE Certification on a 12 month contract
. You must be a subject matter expert in POPIA data protection legislation, knowledge in commercial application of Data Protection Act 2018, General Data Protection Regulation and workinh with OneTrust.

Requirements:

• Relevant Degree/Legal Degree preferred.
• CIPP/E qualification essential. If not currently certificated, this would need to be attained to stay in role.
• Experience in working with OneTrust
• Hybrid role : 3 days at the office
• Available daily for collaboration across UK, South Africa, Brazil and Chile time zones.
• Detailed knowledge and commercial application of Data Protection Act 2018 and General Data Protection Regulation.
• Working understanding of IT governance and risk management techniques
• Excellent written and spoken English essential for board level papers
• Poise and communication skill to present at CorpCo and Audit Committee
• Strong working experience and subject matter expertise in POPIA data protection legislation and regulatory guidance.
• Experience of interpreting legislation, understanding the impact and communicating and implementing required changes.
• Ability to develop strategy and apply a proportionate and risk-based approach in a principle based regulatory environment
• Demonstrable ability to engage and influence third parties and key stakeholders, including senior management.
• The ability to define and collect evidence under pressure and ensure appropriate action is taken in a timely and effective manner.

You will required to:

• Drive a positive culture of data protection compliance and provide proactive advice and guidance of data protection matters relevant to operations and stakeholders.
• To engage with business stakeholders to manage privacy risks, working with and guiding business stakeholders to help them implement the Data Privacy policies and procedures, learning materials and ensure personal data processing activities are compliant with the Group Data Privacy Policy.