Assistant Data Commissioner- Inspection and Compliance at Office of the Data Protection Commissioner

Job Specification
Requirements for Appointment
For appointment to this grade, an officer must have;

• Kenya Certificate of Secondary Education (KSCE) minimum mean grade C+ (plus) or its equivalent from a recognized institution;
• Six (6) years’ experience in a related field, three (3) of which must be in a managerial position;
• Bachelor’s degree in Law, information technology, computer science, information systems, management information systems, informatics, law, data security or its equivalent from a recognized and accredited institution;
• Master’s degree in Law, information technology, computer science, information systems, informatics, Project Management, Monitoring & Evaluation, Public Policy, law, Data Security, Public Administration, or its equivalent from a recognized and accredited institution will be an added advantage;
• Either of the following ICT Certificates from a reputable institution will be an added advantage; Certified Information Systems Auditor, Certified Information Security Manager, Cyber Security or Certified Data Privacy Solutions, Certificate in Systems Audit
• Membership with relevant professional body in good standing;
• Certificate in Management Course from a recognized Institution;
• Shown merit and ability as reflected in work performance and results;
• Proficiency in computer applications; and
• Experience in data protection is an added advantage.

 Duties and Responsibilities
Specific duties and responsibilities at this level will entail:

• Develop and review of policies, procedures and guidelines to inform Inspection of Data Controllers and Data Processors;
• Develop, review and implement compliance certification guidelines in accordance with the Data Protection Laws;
• Undertake inspections to ascertain compliance with Data Protection Laws;
• Conduct periodic audits of the process and systems of Data Controllers and Data Processors to ensure Compliance;
• Review Data Protection Impact Assessment Reports in accordance with Section 31 of the Data Protection Act, 2019;
• Oversee Inspections of Data Controllers and Data Processors on processing of personal data;
• Review requests for transfer of personal data outside the country and establish safeguards in accordance with the Data Protection Laws;
• Administer fines to be imposed for failure to comply with the Data Protection Laws; and
• Perform any other duties as may be assigned by the Deputy Data Commissioner, Data Protection Compliance;

Skills and Competence
The following core competencies and skills will be required

• Leadership skills;
• Management skills;
• Presentation skills;
• Communications and Negotiation skills;
• Resource mobilization and management capabilities;
• Analytical skills;
• Decision making capabilities;
• People and Knowledge management
• Creativity and innovativeness.