We use cookies to customise our website for you, giving you the best possible user experience. If you continue without changing your settings, we’ll assume that you are happy to receive this personalisation. Find out more about our cookie policy

Cancel
This job is expired
Return to Job Search
Excelsior Community College.

Data Protection Officer

Excelsior Community College.

  • Kingston and St. Andrew
  • Not disclosed
  • Permanent full-time
  • Updated 09/06/2026
  • HRM
Apply Now

Data Protection Officer

Job Purpose:

 

Under the general direction of the Principal/CEO, the Data Protection Officer is responsible for the ensuring that the College/Institution operates in accordance with the Data Protection Act 2020. The incumbent is also responsible for directing and coordinating all aspects relating to the implementation of data protection/privacy policies and procedures within the College/Institution. The incumbent will play a critical role in safeguarding the privacy rights of individuals for whom data is held or processed by the College/Institution and will ensure that sensitive data is protected. The incumbent will also be responsible for assessing any breaches in the policies/systems/processes and develop risk mitigation strategies.

  

Key Outputs:

 

  • Annual Work Plan prepared
  • Data Protection Act implemented and monitored
  • Internal controls developed and adhered to;
  • Data Protection processes and strategy developed, implemented and monitored;
  • Data protection impact assessments conducted;
  • Breaches identified and notifications prepared;
  • Reports prepared and submitted;
  • Adherence/compliance with standards monitored;
  • Governance  and accountability mechanisms evaluated and recommendations provided;
  • Continuous improvement strategies developed and implemented;
  • Risks identified and risk mitigation strategies developed and implemented/monitored
  • Technical advice provided;
  • Staff/Student Sensitization sessions conducted.

 

Key Responsibility Areas:

 

Technical/ Professional Responsibilities

 

  • Directs and manages the development of security measures and a privacy governance framework to manage data use in compliance with the Data Protection Act, including developing templates for data collection, and assisting with data mapping.
  • Develops standards for processing of personal data in compliance with the data protection standards and the Data Protection Act and good practice;
  • Ensures that any contravention of the data protection standards or any provisions of the Data Protection Act by the College is dealt with in accordance with the

 

Management Responsibilities:

 

  • Liaises with the OIC on issues relating to the processing of data, and to consult, where appropriate, with regard to any other matter;
  • Consults with the Office of the Information Commissioner (OIC) to resolve any doubt about how the provisions of the Data Protection Act and any Regulations made thereunder are to be applied;
  • Provide regular updates to the Principal/CEO and the Executive Team on data protection activities, compliance status and emerging privacy risks.
  • Monitors changes to local privacy laws and makes recommendations where necessary.
  • Keeps abreast of Jamaica Data Protection laws and regulations, and industry best practices and international laws including the European Union's General Data Protection Regulations (GDPR), Electronic Privacy Act and other international data protection laws;
  • Provides responses to comments and queries from data subjects in relation to the processing of personal data;

 

Other:

Performs any other related duties as assigned by the Principal/CEO

 

Performance Standards: 

  • External regulations (Data Protection Act) and internal controls adhered to within accordance with legislative framework;
  • Data Protection framework      and strategy developed and implemented   within accordance with legislative framework;
  • Data protection impact assessments conducted within agreed timeframes;
  • Breaches identified and notifications prepared within agreed timeframes;
  • Reports prepared and submitted within agreed timeframes;
  • Continuous monitoring conducted within accordance with legislative framework;
  • Adherence/compliance with standards monitored within accordance with legislative framework;
  • Governance and accountability mechanisms evaluated and recommendations made;
  • Research and analysis conducted and findings documented within accordance with legislative framework;
  • Continuous improvement strategies developed and implemented within accordance with legislative framework;
  • Technical advice and recommendations provided within agreed timeframes;
    • Sensitization sessions conducted within agreed timeframes.

Required Competencies:

 

Core

  • Excellent oral and written communication
  • Excellent presentation skills
  • Excellent analytical, judgment; decision making and problem solving skills
  • Excellent planning and organizing skills
  • Excellent interpersonal skills to foster harmonious working environment·
  • Strong Customer Service and quality focus skills
  • High level of integrity and confidentiality

 

Technical

  • Sound knowledge of applicable laws, policies, regulation and procedures
  • Sound knowledge of the Data Protection Act and other applicable data protection policies.
  • Good knowledge of auditing techniques and practices
  • Good knowledge of risk management techniques and strategies
  • Knowledge of Corporate Governance Framework for Public Bodies in Jamaica.
  • Good knowledge and understanding of GOJ policies and.programmes and the machinery of government      
  • Understanding of data management and information security principles ,including encryption, access controls and risk management
  • Good critical reasoning, quantitative and qualitative analysis skills
  • Knowledge of change management principles and practices
  • Strong environmental scanning, analysis and interpretive skills
  • Strong negotiating and persuasive presentation skills
  • Experience in conducting data protection impact assessments and developing privacy policies, procedures, and guidelines
  • Experience with handling data breaches, incidents, and interactions with the Office of the Information Commissioner
  • Proficiency in the use of the relevant computer applications

 

Minimum Required Education and Experience 

  • Bachelors' degree in Computer Science, Audit or equivalent qualification from recognized tertiary institution
  • Certification in Information Security, Data Protection and/or Privacy Certification such as CIPP, CIPT, ISEB, etc. (preferred)
  • Exposure to legal training would be an asset
  • Minimum Three (3) years related work experience in a data protection, ICT or cybersecurity field

 

Authority To: 

  • Recommend security procedures and maintenance for Data Protection
  • Report breaches to the OIC
  • Develop and review data protection standards and processes
  • Maintain risk and breach register
  • Take remedial action for breaches
  • Conduct training and sensitization relating to data protection
  • Conduct Data Protection Security Audits
  • Recommends appropriate standards
  • Recommends improvements in corporate governance framework
  • Recommends changes to regulatory framework/legislation
  • Access to highly personal confidential and sensitive data/information

Specific Conditions associated with the iob 

  • Normal office working environment
  • May be required to work beyond normal work hours in order to meet deadlines.
  • May be required to work on public holidays/weekends
  • Possession of a valid Drivers' Licence and a reliable motor vehicle

 

Ref: Data Protection Officer
Apply Now

Excelsior Community College.

Excelsior Community College.

View Agency Profile

  • 137 Mountain View Avenue, Kingston 3
  • 1 (876) 928-5070

View More Vacancies from Excelsior Community College.

Similar Jobs for you