Information TechnologyFull-TimeJunior-level(1-2 yrs)
Job Description
Role Overview
The Data Protection Assistant will be responsible for ensuring that KCA University and its various functions comply with the requirements of the Kenyan Data Protection Act, 2019, its attendant regulations, and other relevant national legislation. The role involves monitoring internal data practices and supporting the Data Protection Officer in maintaining a robust compliance framework.
Key Responsibilities
Compliance & Audits: Assist in conducting Data Protection Impact Assessments (DPIAs) and compliance audits to ensure adherence to the Data Protection Act, 2019.
Policy Management: Support the development, review, and updating of data protection policies, procedures, and privacy notices.
Monitoring: Document and monitor data processing activities across university departments to identify compliance gaps and associated risks.
Data Subject Rights: Assist in handling requests from data subjects, including access, rectification, and erasure of personal data.
Awareness & Training: Participate in training and awareness campaigns focused on data privacy, information security, and compliance best practices.
Legal Research: Research emerging data protection laws, regulations, and best practices to support continuous institutional improvement.
Vendor Management: Assist in reviewing third-party data processing agreements to ensure vendors meet their data protection obligations.
Incident Response: Support incident response activities, including data breach reporting and implementing mitigation measures.
Reporting: Maintain accurate records of all data protection activities and generate comprehensive reports for the Data Protection Officer.
General Duties: Perform any other duties related to data protection and compliance as assigned.
Qualifications and Experience
Education: Bachelor’s degree in ICT or its equivalent from an accredited/recognised institution.
Experience: Minimum of one (1) year of relevant work experience in a University or a comparable institution.
Certifications: Data protection or privacy certifications (e.g., CIPP, CIPM, CIPT, CDPSE) are considered an added advantage.
Skills and Competencies
Technical Proficiency: Proficient in word processors, spreadsheets, presentations, and database management software.
Tools: Knowledge of data security and privacy tools.
Management: Strong change and project management skills.
Writing: Well-developed report writing skills for compliance documentation and audit reports.
Communication: Exceptional communication and interpersonal skills, with the ability to engage stakeholders at all levels.
