
Data Privacy & Protection Director
About us
Ranked in 2024 by the Financial Times, Moniepoint is Africa’s fastest-growing fintech, trusted by over 10 million business and individual accounts, processing billions of Naira in transactions monthly. Our mission is to enable financial happiness for every African, everywhere.
Job Title: Data Privacy & Protection Director
Department: Compliance
Reports to: Chief Compliance Officer
Location: Lagos, Nigeria
About this role
The Data Privacy & Protection Director provides expertise and support in data privacy and protection matters, ensuring compliance with regulatory requirements such as the Nigerian Data Protection Act (NDPA) 2023 and other relevant data protection laws. The role oversees the entire data protection strategy, driving the implementation of policies and procedures that safeguard personal data and maintain the organization’s reputation for data security. You will also be responsible for managing the organization’s compliance framework, including conducting Data Protection Impact Assessments (DPIAs) and overseeing data breach response efforts.
Responsibilities
- Governance Framework: Implement a data privacy governance framework (including Binding Corporate Rules) to manage data use in compliance with the Nigeria Data Privacy Act (NDPA) 2023.
- Policy Development: Set standards, formulate policies, and establish procedures for the organization to meet NDPA 2023 and other relevant regulations and requirements.
- Stakeholder Awareness: Ensure that employees, third-party processors (TPPs), vendors, and data subjects are fully informed about their data protection rights, obligations, and responsibilities.
- Regulatory Liaison: Serve as the primary point of contact and liaison for the Nigeria Data Privacy Commission (NDPC), other regulators, financial institutions, and customers on data privacy and protection-related matters.
- Query & Incident Resolution: Handle queries, complaints, claims, and notifications from regulators, law enforcement agencies, and data subjects, ensuring prompt feedback and resolutions.
- Impact Assessments: Work with product managers, project managers, and other internal stakeholders to conduct data privacy impact assessments (DPIAs) to ensure compliance with NDPA 2023 and extant regulations.
- Cross-Functional Alignment: Collaborate with IT teams to ensure that IT systems and procedures comply with NDPA and other relevant regulations.
- Security Coordination: Collaborate with the information security team to maintain records of customer data and data processing activities, while sustaining a data security management plan, a data breach response plan, and data retention structures.
- Training Strategy: Develop strategies to ensure continuous engagement with key internal and external stakeholders, and deliver targeted data privacy training to various business functions, TPPs, and vendors.
- Privacy Audits: Coordinate and conduct routine privacy audits, including a comprehensive review of the active privacy governance framework.
- External Auditing: Work closely with the Data Privacy Compliance Organization (DPCO) to conduct external regulatory audits and provide guidance and advice on privacy-related regulatory issues.
- Regulatory Monitoring: Monitor updates to local data privacy laws and regulations and make proactive recommendations to executive leadership when appropriate.
Experience & Background
- Educational Background: A Bachelor’s degree in Law, Information Technology, Computer Science, Business Administration, or a related field. A Master’s degree in information security or law is highly preferred.
- Required Experience: Minimum of 5 years of hands-on experience in data protection, compliance, or a related field, with a deep operational understanding of the NDPA and other relevant data protection laws.
- Proven Track Record: Demonstrated experience managing data privacy in complex organizational settings, including executing data protection audits, leading DPIAs, and managing data breach responses.
- Professional Certifications: Relevant certifications in data protection/privacy (such as CISSP, CIPM, CIPP, CPT, CDPSE, or CDPO) are highly preferred.
Skills & Competencies
- Regulatory Insight: Mastery of data privacy legislations, framework applications, and financial sector compliance structures.
- Analytical Skills: Strong capability to break down complex system flows, audit technical processing records, and discover potential vulnerabilities in data privacy management.
- Ethical Integrity: Uncompromising commitment to confidentiality, objectiveness, and ethical compliance standards.
- Effective Communication: Excellent verbal and written communication skills to successfully collaborate with regulators, external bodies, and internal cross-functional stakeholders.
- Leadership: Strong capability to direct compliance sub-functions, spearhead company-wide training initiatives, and influence technical or product decisions.
What success looks like in this role
- Perfect Regulatory Standing: Total alignment with the NDPC, resulting in smooth external regulatory audits and zero compliance violations or penalties.
- Flawless Risk Mitigation: Active, seamless execution of DPIAs for all internal structures, products, and tool variations prior to deployment.
- Proactive Incident Management: Rapid and completely documented closure of queries, compliance gaps, and unexpected breach notification vulnerabilities within strict timelines.
- High Organizational Maturity: An established and well-maintained culture of data safety where employees and third-party partners clearly follow data processing protocols.
Why join us
- Competitive compensation, benefits, and career growth opportunities.
- A collaborative and supportive work culture dedicated to professional development and continuous learning.
Create a Job Alert
Interested in building your career at Moniepoint? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field