Principal Privacy

The Opportunity – Permanent, Full Time Position

The Principal Privacy will be responsible for leading the development of a sustainable and effective privacy program for South32, including defining and uplifting the maturity of privacy controls. The role will build trust and confidence in how South32 manages and protects the data which it collects, ensuring we comply with global legislation and regulatory requirements where we operate.

Reporting to the Manager Cyber Security & Privacy, key role accountabilities include:

• Develop and lead South32’s Privacy program and development of South32’s global Privacy office
• Lead the development of jurisdiction-based privacy offices and/or compliance requirements
• Work with the relevant data owners, functions and operations to appropriately identify and manage privacy risks, and ensure achievement of compliance obligations
• Establish mapping of South32 privacy controls to industry frameworks to benchmark, monitor and set maturity targets
• Provide advice on matters related to data privacy including requirements definition, policies and procedures, risk and interpretation of regulation
• Govern the effectiveness of the privacy framework, including defining strategies for compliance, gap assessments and driving ongoing improvement
• Prepare Board papers for the Board of Directors and the Executive Team on current risks and controls, emerging privacy risks and systems that mitigate risks to the business
• Communicate South32’s position on risk and compliance matters as it relates to privacy
• Maintain South32’s incident management framework where it relates to privacy and data breaches including leading responses for privacy related incidents
• Liaise with regulatory and supervisory authorities where required; and to be the key point of contact for privacy enquiries and for individuals whose data is processed
• Perform and/or lead privacy impact assessments
• Develop relationships and trusted capability for external privacy law experts to support global privacy obligations

Key shared responsibilities:

• Agree roles and responsibilities for Privacy, Legal, HR, Supply and Technology to support the development of policies, procedures, and guidelines with the Senior Leadership Team
• Identify and follow trends and developments in privacy, legislation and regulatory requirements

 About You

You will be required to have the following:

• Demonstrated capability in applying data privacy principles in large organisations
• Proven knowledge and experience providing commercially pragmatic advice, as well as its application with key technologies such as mobile applications and cloud computing services.
• Capability leading whole-of-organisation, cross-functional complex change programs through to value delivery
• Strong stakeholder engagement and structured communication skills
• Strong attention to detail and analytical in defining and communicating problems and solutions
• Strong business acumen and understanding of organisational issues and challenges

Qualifications

• Tertiary qualification in Business, Law, Information Technology or related discipline

One or more of the follow certifications would be preferred:

• Certified Information Privacy Professional (CIPP)
• Certified General Data Protection Regulation Practitioner (GDPR-P)
• Certified Information Privacy Management (CIPM)
• Certified Information Privacy Technologist (CIPT)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information System Controls (CRISC)
• Certified Information Systems Auditor (CISA)
• Knowledge in data privacy principles and legislation across multiple jurisdictions, e.g. Australian Privacy Act, POPIA, GDPR

Our benefits 

• Competitive Salary
• Incentive bonus
• Work from Home options
• Participation in the Employee Share Plan
• Industry leading parental leave and family care policy
• Education and career development

Location

This role will be based at our office in the heart of the Perth CBD. We understand and value the benefits flexibility brings and operate a hybrid work model (in the office and from home).

Our culture 

At South32, our people are fundamental to our success. We’re focused on creating an inclusive workplace, with the right people in the right roles, who are engaged, empowered and appropriately rewarded.

We aspire to be an inclusive organisation, where our workforce reflects the broader demographic of the countries and communities where we operate.

South32 embraces diversity and encourages applications from people of all backgrounds.

Applications close 9th November 2022