Data Protection Analyst


The key responsibilities for this role include but not limited to the following:

  • Implements measures and a privacy governance framework to manage data use in compliance with the Act, the GDPR and any other applicable regulations including developing templates for data collection, assisting with data mapping, and vendor management reviews;
  • Works with key internal stakeholders in the review of projects and related data to ensure compliance with applicable data privacy laws, and where necessary, completes and advises on privacy impact assessments;
  • Serves as the primary point of contact and liaison for the Zambia Information and Communications Technology Authority (ZICTA), the Data Protection Office, Bank of Zambia, CCPC and other Data Protection Authorities on all data protection related matters;
  • Supports the business as the primary point of contact for queries in the business;
  • Reviews vendor contracts (including Model Clauses) and consents needed to implement projects in consideration of the data protection and information security obligations and standards, and ensuring requirements with local regulators are achieved;
  • Participates in Data Privacy / Information Governance Committee;
  • Manages and conducts ongoing reviews of company‚Äôs data privacy and governance framework;
  • Monitors changes to local privacy laws and making recommendations to the Executive Committee when appropriate;
  • Develops and delivers privacy training to various business functions;
  • Develops strategies and initiatives to ensure engagement with key internal and external stakeholders;
  • Conducts data privacy audits and periodic reviews to ensure compliance with regulatory and policy obligations;
  • Maintains records of all data assets and exports for the Company.

Candidate Requirements

  • Grade 12 certificate with 5 credits or better of which English and Mathematics are a must;
  • Law degree from an accredited law school ;
  • Data Protection and/or Privacy certification such as, CIPP, CIPT, ISEB, etc (Preferred);
  • Knowledge of Data Protection/Privacy local/regional/international regulatory requirements;
  • Excellent interpersonal communication skills are a must;
  • Experience in domestic and international data privacy laws;
  • Minimum 4 years experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance;
  • Experience in developing policy and compliance training.

Women are strongly encouraged to apply

Hand delivered or posted applications will not be accepted

Note: that only shortlisted candidates will be contacted.

To apply for this job please visit

* Legitimate employers do not ask for payment. Find out more at safe job search tips.