Data Protection Senior Associate

Paystack’s mission is to accelerate digital payments on the continent of Africa. Over 200K of some of the most renowned businesses in Nigeria, as well as a growing number of merchants in South Africa, Ghana, and Kenya use Paystack’s modern payments gateway. They include the likes of MTN, Burger King, UPS, AXA Mansard Insurance, FilmHouse Cinemas, Smile Communications, Air Peace Airlines, Crocs, Under Armour, Richemont Lifestyle Group (RLG), and many others.

In just over 8 years, our growing team has introduced a steady cadence of innovation within the online payments landscape, such as automated recurring payments, the ability for customers to pay directly from their bank accounts, automated chargebacks, and much more. We’ve been acquired by Stripe and are doubling down on the mission to help build out Africa’s payments infrastructure.

About the Data Protection Senior Associate role

Our team is looking for a driven, forward-thinking and innovative operations officer with a passion for data, technology, and privacy. In this role, you’ll be an integral part of the team ensuring that Paystack’s products and business operations adhere to legal, ethical, and best practice standards in data protection and privacy.
This dynamic role will focus on developing and driving processes for our Global Privacy Compliance Program, with a particular focus on Europe and Africa. 

The role will report to the Data Protection and Privacy Lead. The candidate should be based in Nigeria with the ability to travel when required.

Key responsibilities

• Serve as part of a small team of data privacy experts maturing Paystack’s global privacy framework
• Assist the DPO and project/product owners in carrying out Data Protection Impact Assessments (DPIA)
• Analyse existing and new legislative and regulatory developments to ensure that Paystack understands and remains compliant with evolving requirements across jurisdictions
• Work closely with other members of Paystack’s data, security, marketing, sales and product teams to help develop policies and procedures, and drive compliance with them, logging instances of non compliance with the DPO
• With the DPO and Security GRC, prepare documents for Paystack to present externally before regulators, industry groups and other key stakeholders during audits or licence applications (i.e. NDPR, ISO 27001, ISO 27701, CBN, data protection regulators etc.). This includes drafting document approval lists, updating date of approval on policy documents, applying correct nomenclature and classification labels to Management System documents.
• Actively engage data protection champions to assist with duties such as ROPA updates, sub-processor engagement, privacy due diligence screening, and other compliance requirements
• Work with the legal team in managing Data Processing Agreements (DPA) and ensuring data sharing and transfer with third parties is governed by the relevant agreement
• Update the DPP compliance calendar based on requirements from applicable data protection legislation and others as we expand to new jurisdictions
• Serve as the Data Privacy Risk Champion
• Provide strategic input to the cross-functional data protection and security GRC team
• Assist in driving Third Party Security and Privacy Risk Management initiatives across Paystack. This includes identifying potential third-party risks and ensuring these risks are mitigated
• Maintain the Privacy Risk Register by monitoring risk assessments and risk treatment progress; analysing, identifying, describing, and quantifying privacy risks that impact all business risks
• Help foster a security and privacy-centric culture across Paystack, by drafting quarterly awareness content to share company wide
• Regularly review existing DPP processes and suggest opportunities for improvement and/or further maturity (i.e. DSR procedure)

Requirements

You’ll thrive in this role if you have

• 3+ years’ experience working on data protection and privacy issues, with particular depth on US, European, and African data privacy regulations and the regimes governing transfer of data between various jurisdictions
• Experience with the General Data Protection Regulation, as well as other global privacy laws, regulations, best practice, and industry guidelines
• Experience and/or knowledge in solving data protection and privacy issues
• Strong organization and project management skills with the ability to work well on both long and short-term projects under pressure
• Strong interpersonal and communication skills who works well in a collaborative team environment
• Demonstrated ability to work in a diverse environment adhering to the highest ethical standards
• Ability to manage multiple competing priorities and remain adaptable
• Excellent written and oral communication skills
• Professionalism

Other nice to haves

• Preferably worked in a financial/technology company or in a consulting firm as product or privacy expert
• Solid understanding of managing third-party relationships, the regulatory environment, risk management frameworks and industry best practices.
• Strong working knowledge of supplier SLAs, KPIs, and risk management techniques

Benefits

• Competitive salary
• MacBook Pro
• Health Insurance
• Hybrid Working
• Smart, kind colleagues who’re invested in your growth

Application Instructions - Read carefully!

To apply, click the "Apply for this job" button

Questions? Please contact careers@paystack.com.