Skip to content

Assistant Data Protection Officer at CIC Insurance

posted 6 hours ago
Job Overview
Employment FullTime
Location Nairobi Kenya
Experience At least 2-3 years
Education Level Bachelor's Degree
View More in Jobs > Information Technology (ICT)
svg background up
Opportunities Meet Aspirations

About the Role

Reporting to the Data Protection Officer, the role holder will support in monitoring compliance with the Data Protection Act and all applicable data privacy regulations across CIC Insurance Group. The role provides essential operational and analytical support to ensure that the Group and its subsidiaries maintain robust data protection practices in line with regulatory requirements. The role holder assists in developing and maintaining the Group’s data protection framework, managing records of processing activities, supporting data protection impact assessments, coordinating training programmes, and acting as a point of contact for internal stakeholders on day-to-day data protection matters.

Key Responsibilities

  • Support the Data Protection Officer in monitoring and implementing the Group’s Data Protection Framework, including assisting in updating policies, data collection templates, data mapping exercises, and the overall data protection implementation plan across all subsidiaries.
  • Maintain and update the Group’s Records of Processing Activities (ROPA), ensuring all data processing activities across subsidiaries are accurately documented, classified by purpose and legal basis, and made available on request in accordance with the Data Protection Act.
  • Assist in conducting Data Protection Impact Assessments (DPIAs) for new or changed processing activities, projects, and systems, documenting findings, risk ratings, and recommended mitigating controls for review and sign-off by the DPO.
  • Coordinate and support the delivery of data protection training programs across CIC Group, maintaining training registers, updating training materials as regulatory requirements evolve, and tailoring sessions to specific processing functions or subsidiary requirements.
  • Support the management of data subject rights requests, including Subject Access Requests, requests for erasure, rectification, or restriction of processing, ensuring responses are prepared within regulatory timeframes and referred to the DPO for approval where required.
  • Assist in managing data security incidents and breaches, including initial assessment, documentation, impact assessment support, and coordination with the Information Security team to ensure timely escalation and regulatory notification in line with the Group’s incident management plan.
  • Support the preparation of privacy statements for each processing operation and assist in ensuring these are incorporated into company forms, websites, correspondence, and other data collection touchpoints across all subsidiaries.
  • Assist in compliance review exercises and audits, identifying gaps in data protection practices, documenting findings, and tracking remediation actions to closure in collaboration with relevant business units.
  • Assist the DPO in preparing quarterly status reports on data protection compliance, highlighting emerging risks, incidents, or areas requiring immediate attention.
  • Help coordinate with the Office of the Data Protection Commissioner and other supervisory authorities as directed by the DPO, including assisting in preparing responses to queries, complaints, or inspection requests.
  • Monitor developments in data protection legislation, regulatory guidance, and best practice across the Group’s operating jurisdictions, preparing briefing notes and updates for the DPO and relevant stakeholders.

General Responsibilities;

  • Participate in departmental planning and budgeting as required.
  • Participate in relevant committees, working groups, and governance meetings as directed by the DPO.
  • Liaise with internal audit, external auditors, and regulators on data protection matters as directed.
  • Assist in planning and organizing internal awareness activities and campaigns related to data privacy and protection.

Essential Knowledge/Skills and Experience Required:

  • Bachelor’s degree in Law, Computer Science, Information Technology, Business Administration, or a related field.
  • A data protection or privacy certification from a recognized body is preferred
  • Additional qualifications in information security (CISA, CISM, or CISSP) are an added advantage
  • At least 2–3 years’ relevant experience in a compliance, legal, audit, or data protection support role within the financial services industry, preferably insurance or banking.
  • Demonstrated experience in maintaining compliance records, conducting assessments, or supporting regulatory reporting processes
Read More & Apply

Share This Post
Don't miss out on new jobs listing! Follow our channels Today WhatsApp Channel
Disclaimer Opened Career is a free job-posting website that does not charge applicants. We do not support recruitment agents or entities that demand money or favors to expedite the hiring process. Please use our platform responsibly and report any suspicious activity.
Why Opened Career
OUR OBJECTIVES
At Opened Career, we prioritize inclusivity, diversity, and equal opportunities for all individuals, regardless of their backgrounds or experiences. We believe in creating a level playing field where every candidate has the chance to showcase their skills and potential, and every employer has access to a diverse pool of qualified candidates.
CORE VALUES
Innovation
Integrity
Team Work
Excellence
Customer Focus
Professionalism
Filters & Sorting
Select Specialism