Data Protection Manager
Posted:
Job Purpose
The selected candidate will be responsible for establishing and maintaining the University’s Data Governance Framework, ensuring the protection of personal data belonging to employees, customers, service providers, and any other individuals.
Key Responsibilities / Tasks / Duties
Leadership and Stakeholder Management
- To seek, develop, and maintain relationships with the Office of the Data Protection Commissioner, relevant regulators, and other key stakeholders.
- To assist and guide staff and management in responding to enquiries or requests from regulators (ODPC), data subjects, and other stakeholders as appropriate.
- To organize and participate in training and awareness programs for staff on relevant Data Protection and Privacy requirements and obligations.
- To promote a culture of Data Protection and Privacy by design and by default within the university.
Oversight and Compliance with All Data Protection, Privacy, and Related Requirements
- Act as the public-facing function representing the interests of data subjects, as well as supervise and advise the university on responses to such requests.
- To develop and maintain a mapping of data processing points across all of the university’s operating and functional areas.
- To ensure Data Protection and Privacy policy availability by publishing on the intranet for employees and independent contractors, and by providing it to all contracted third parties (processors) who process personal information on the university’s behalf or under contractual agreements with the university.
- To manage third-party data protection risks.
- To monitor and ensure compliance with the data protection laws and policies to which the university is subject.
- To research and keep abreast of any changes to relevant laws and regulations, and to prepare regular updates for Management, the University Council, University Senate, and the Board of Trustees.
Reporting (20%)
- To prepare regular update reports on the data protection compliance program for the Director of Legal Services, the Management Board, and/or other relevant stakeholders.
- To support the Director of Legal Services in the preparation of update reports on the Data Protection and Privacy compliance program.
- To support data incident response and data breach notification procedures.
- To provide updates on matters related to compliance with statutory and regulatory requirements.
- To facilitate the provision of ad-hoc reports and/or information to regulators as and when required.
Key Relationships
Key Internal Stakeholders
- University Council Executive Committee & Audit & Risk Committee
- Management Board
- Legal
- Chief Manager, Risk
- ICT, HR, Finance, Admissions & University Registrar
- Heads of Department
Knowledge, Skills, and Experience Required for the Role
- Minimum five years' experience within a legal function with a specific focus on Data Protection and Privacy.
- Sound working knowledge of the Data Protection Act, 2019 and other relevant and applicable laws and regulations.
- Minimum of a Bachelor’s Degree in Law.
- Experience in developing policies and compliance.
- Experience in reviewing contracts with third parties.
- Good understanding of data processing operations, including information systems and the data protection needs of an institution.
- Experience in managing data incidents and breaches.
- Professional Data Protection and/or Privacy certification is a prerequisite.
Competencies Required for This Role
- Ability to work unsupervised, exercise leadership, and influence change.
- Excellent writing and presentation skills.
- Strong change and project management skills, including the ability to manage time well, prioritize effectively, and handle multiple deadlines.
- Demonstrated ability to undertake large, long-term projects and develop alternative methods to complete them.
- Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
- Ability to handle confidential and sensitive information with appropriate discretion and ethics.
- Leadership and executive disposition – ability to lead a team and engage at Management and Board level.
- Ability to prepare and facilitate training as a subject matter expert (SME).
- Planning and organizational skills.
- Learning and researching skills.
The consolidated pay for this position ranges from Ksh. 200,000/= to 250,000/= with other prevailing University benefits
If you have the requisite qualifications and experience and desire to work as a team member in a modern, progressive, international, and multicultural institution where you can make a difference, please apply indicating in the subject line of the email address Data Protection Manager. Interested applicants must provide a cover letter and a current CV, certified copies of educational certificates and transcripts, names and addresses of three referees (two of whom must be your current and previous employer), current salary and benefits, telephone and e-mail contacts by Friday, July 10, 2026 to;
Director Human Resource,
United States International University – Africa,
P. O. Box 14634-00800, Nairobi, Kenya
Email: [email protected]
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool
This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
