Data Protection Officer (GMG SEG 3)

 Back to listing
Organisation
Ministry of Industry, Investment and Commerce
Reference
VAC-60798
Contract Type
Full-Time
Industries
Government & Public Sector
Location
Kingston
Salary & Benefits
Date Posted
26/02/2026
Expiry Date
17/03/2026
The Data Protection Officer designs and implements data privacy governance, ensures compliance with the Data Protection Act, manages breaches, advises leadership, and coordinates with internal and external stakeholders on data protection matters.

 

Job Purpose:

The Data Protection Officer (DPO) is responsible for monitoring the Ministry’s data practices ensuring that all functions carried out by the Ministry are in accordance with the provisions of the Data Protection Act (2020). Under the general direction of the Permanent Secretary, the DPO will be accountable for monitoring internal compliance and providing guidance to the Ministry of Industry, Investment and Commerce on data protection obligations. Additionally, the DPO will serve as a primary point of contact for supervisory authorities, such as the Office of the Information Commissioner, and individuals whose data is processed by the Ministry.

 

Key Outputs:

  • Data Protection Framework, Policies and Guidelines of the Ministry implemented and adhered to.
  • Systems and internal control mechanisms established and maintained.
  • Data compliance monitored and audits conducted.
  • Queries and complaints resolved.
  • Reports prepared and submitted.
  • Records of data processing activities managed and maintained in accordance with the Data Protection standards.
  • Breaches of the Data Protection Act addressed.
  • Training and sensitization sessions held.

 

Key Responsibility Areas:

Technical/Professional Responsibilities

  • Design and implement a comprehensive Data Privacy Governance Framework and strategies to effectively manage the use of personal data in accordance with the provisions of the Data Protection Act.
  • Establish and maintain appropriate systems and internal control mechanisms that align with the prescribed standards of the Data Protection Act.
  • Ensure that the Ministry and its operational processes pertaining to data processing adhere to the established data protection standards and regulations.
  • Implement strategies to enhance operational processes and ensure processes are in compliance with regulatory requirements.
  • Design and implement Data Protection policies and procedures within the Ministry. 
  • Ensure that breaches of the data protection standards or violations of the provisions outlined in the Data Protection Act are addressed promptly.
  • Review and update the Data Protection Plan regularly to ensure it aligns with any changes in laws, regulations, and policies.
  • Ensure the timely collection of data, analysis, and reporting of data on key performance measures.
  • Maintain a robust system to address and respond to queries and complaints.
  • Ensure proper management and maintenance of personal data records, in compliance with data protection standards.
  • Sensitize and train staff on the components of relevant Acts, Regulations and Policies related to data.
  • Inform data controllers and data subjects about their rights, obligations, and responsibilities regarding data protection.
  • Provide advice and recommendations to staff and the Permanent Secretary regarding the interpretation and application of data protection rules.
  • Collaborate with the Information and Communication Technology (ICT) Branch to ensure compliance with the Data Protection Act in the Ministry’s ICT system.
  • Collaborate with the Information and Communication Technology (ICT) Branch to manage data security incidents and ensure timely resolution of issues such as security breaches, complaints, or subject access requests.
  • Provide legislative advice and guidance to the Permanent Secretary regarding any gaps identified from the outcome of the Data Protection and Privacy Impact Assessment.
  • Liaises with the Office of the Information Commissioner to address data protection matters and clarify or resolve any doubts regarding the application of the act’s provisions.
  • Collaborate with the Enterprise Risk Management Unit, Internal Audit Division, Legal Services Division, and other key stakeholders to monitor, implement and analyze compliance programmes.
  • Prepare and submit routine and special reports, as required.
  • Attend and participate in meetings, seminars, workshops, and conferences, as required.
  • Performs any other related duties that may be assigned periodically.

 

Performance Standards:

  • Data Protection Guidelines and Policies for the Ministry are developed and adhered to by all processes, systems, and staff members.
  • Regular training and education sessions conducted for staff members to ensure their obligations are understood and the components of the Data Protection Acts, Regulations and Policies are adhered to.
  • Records of all data processing activities, operational procedures, and policies are maintained in accordance with established standards.
  • Timely legislative and technical advice is provided on all matters relating to data protection and privacy.
  • Queries and complaints are promptly addressed within agreed timeframes.
  • Regular data compliance audits are conducted to ensure compliance with policies, procedures, and guidelines.
  • Mechanisms and systems are implemented and monitored to ensure compliance.
  • Cabinet Submissions, Notes, Policy Recommendations, and Briefs on technical matters are appropriately prepared and submitted within the required timeframe.
  • Comprehensive reports are prepared within the required timeframe.
  • Confidentiality, integrity and professionalism maintained at all times in the delivery of duties.

 

Special Conditions associated with the job

  • Pressured working conditions with numerous critical deadlines.
  • Will be required to work long hours, after work and on weekends and public holidays when the need arises.
  • May be required to travel locally and overseas.

 

Required Competencies

Core

  • Excellent critical reasoning, quantitative and qualitative analysis skills
  • Strong environmental scanning, analysis, and interpretive skills
  • Strong negotiating and persuasive presentation skills
  • Leadership 
  • Planning and Organizing 
  • Problem Solving & Analysis 
  • Communication 
  • Initiative & Judgment 
  • Integrity/Ethics 
  • Interpersonal Skills 
  • Priority Management 
  • Teamwork 

Technical

  • Expert knowledge of the data protection law and practices
  • Proficiency in the use of the relevant computer applications
  • Knowledge of change management principles and practices
  • Expert knowledge of auditing techniques and practices
  • Good knowledge of risk management techniques and strategies 
  • Sound knowledge and understanding of GOJ policies and programmes and the machinery of government
  • Sound knowledge of applicable laws, policies, regulation and procedures

 

Minimum Required Education and Experience

  • Bachelor’s degree in Law, Compliance, Computer Science, Audit or equivalent qualification from recognized tertiary institution.
  • Demonstrable experience or knowledge and/or in-depth understanding of data privacy legislation (in particular GDPR). 
  • At least one (1) Data Protection and/or Privacy Certification such as CIPP, CIPT, ISEB, etc. (preferred) or Certification in Information Security
  • Minimum three (3) years related work experience. 
  • Exposure to legal training (will be an asset).
  • Experience or specialized training in records and information management systems (will be an asset).
Ministry of Industry, Investment and Commerce

    • By submitting this form you agree to our terms of use
    Apply Now

    You may also be interested in...
    Secretary (OPS SS2) – Monitoring and Regulations Unit - Kingston
    Posted Today Posted by Ministry of Industry, Investment and Commerce
    Under the supervision of the Director of Monitoring & Regulations, the Secretary (OPS/SS 2), is responsible for carrying out all Secretarial, administrative and support functions for the Director.
    Salary & Benefits: Town/City: Kingston
    View Details
    Senior Director MSME (GMG/SEG 5) - Kingston
    Posted Today Posted by Ministry of Industry, Investment and Commerce
    The Senior Director leads MSME sector development by designing policies and programs, providing strategic advice to senior officials, and representing the ministry in local and international engagements.
    Salary & Benefits: Town/City: Kingston
    View Details
    Small Business Financing Specialist (GMG/SEG 4) - Kingston
    Posted Today Posted by Ministry of Industry, Investment and Commerce
    The Small Business Financing Specialist manages programmes to improve MSME access to financing, provides technical assistance, monitors financial indicators, develops policies, and oversees projects and stakeholder engagement.
    Salary & Benefits: Town/City: Kingston
    View Details
    Manager, Promotions and Outreach (GMG/SEG 2) - Kingston
    Posted Today Posted by Ministry of Industry, Investment and Commerce
    The Manager develops and implements promotional outreach programs, coordinates events, conducts research, provides policy guidance, and collaborates with stakeholders to support the growth and development of the MSME sector.
    Salary & Benefits: Town/City: Kingston
    View Details
    Performance Monitoring and Evaluation Officer (GMG/SEG 2) - Kingston
    Posted Today Posted by Ministry of Industry, Investment and Commerce
    Under the general direction of the Corporate Planner, the incumbent is responsible for assisting with the monitoring and evaluation of the Ministry’s policies, programmes and projects.
    Salary & Benefits: Town/City: Kingston
    View Details