Data Privacy Manager

Data Privacy Manager Location: Johannesburg, South Africa (office-based, minimum 3 days per week)

About the role

As Robert Walters’ privacy programme matures, we are looking for an experienced and proactive Data Privacy Manager to join our team, reporting to our Privacy Counsel. In this role, you will take ownership of the day-to-day delivery of our privacy programme - managing a Data Privacy Analyst, handling and overseeing data subject rights processes, and driving the processes that keeps our global privacy framework running effectively.

You will work cross-functionally to ensure privacy is embedded in our processes, technology and culture. This is a high-impact opportunity to lead critical privacy initiatives in a dynamic environment, ensuring that privacy principles are not only met but championed across Robert Walters. You will be expected to handle matters confidently and independently, escalating to Privacy Counsel where appropriate. While our Privacy Counsel will take the lead of privacy law advisory work you will be expected to support them in that activity.

The right applicant has a strong attention to detail and an understanding of privacy principles. They possess excellent problem-solving skills and are adept at analysing complex situations to ensure compliance with legal requirements. They can effectively balance regulatory obligations with fostering trust and injecting practicality into our decision making, while collaborating across teams and managing intricate workflows.

What you’ll do

Data subject rights and incident response

• Act as the point of contact for global data subject requests, including coordinating and streamlining divergent processes for multiple business lines across the UK, EMEA and APAC regions.
• Manage and direct the Data Privacy Analyst to handle and triage access requests that Robert Walters receives, setting priorities and ensuring high-quality, timely responses in accordance with legal requirements.
• Partner with Privacy Counsel and other business partner teams to streamline and improve data subject rights workflows, ensuring timely and compliant responses.
• Handle initial intake from multiple channels and manage responses to enquiries from internal business partners, regulators, clients and candidates, escalating to Privacy Counsel as appropriate.
• Track and coordinate privacy’s data incident response activities, collaborating with various stakeholders including the Information Security team.

Programme ownership and compliance

• Own and maintain privacy programme documentation to demonstrate compliance with global privacy laws (e.g. Records of Processing Activities, privacy risk assessments, incident and access request logs).
• Lead the implementation and periodic review of policies, notices and practices to ensure compliance with Robert Walters’ global privacy obligations.
• Oversee and conduct Privacy Impact Assessments (PIAs) to identify and mitigate data protection risks in collaboration with Privacy Counsel, and ensure privacy-by-design principles are integrated across technology and data initiatives.
• Research, monitor and summarise changes in privacy laws and regulations, and support Privacy Counsel to advising on their potential implications for Robert Walters’ products and services.
• Track and report on the effectiveness of the global data protection framework and compliance activities.

Projects, training and continuous improvement

• Lead and support global privacy governance projects, data mapping and vendor assessment frameworks.
• Design and coordinate comprehensive global privacy training and awareness programmes, promoting responsible data practices including in relation to AI.
• Identify, assess and support remediation of global privacy risks, contributing to PIA processes and privacy-by-design.
• Drive continuous improvement across privacy operations, identifying inefficiencies and building scalable processes.

Who you are

Essential:

• 3+ years’ proven privacy compliance experience, preferably at a multinational company. Experience in designing and implementing privacy frameworks within an organisation is highly desirable.
• Deep practical expertise in global data protection laws (GDPR, CCPA, PIPL, EU AI Act, etc.) and emerging frameworks.
• Experience in dealing with customer complaints, supporting subject access requests, data breaches, delivering training and reporting requirements.
• Privacy programme and project management experience, with a proven ability to lead complex privacy programmes and projects.
• Strong stakeholder management and communication skills, with the ability to influence and guide technical and non-technical audiences including legal, technology and leadership. You should be able to take stakeholders on a journey and build genuine partnerships across the business.
• Demonstrated experience working across multiple jurisdictions and cultures - you will be liaising with people from all over the world, and the ability to navigate different working styles and build relationships globally is essential.
• A natural relationship-builder who is skilled at working across teams, building bridges and fostering collaboration.
• Strong analytical and problem-solving skills with a pragmatic, solution-oriented approach.
• A proactive, self-starting mindset with resilience, and the ability to navigate regulatory change and drive continuous improvement.
• Fluency in English is essential.

Desirable:

• One or more certifications from a recognised institution, such as IAPP’s CIPP or equivalent, with an emphasis on CIPM (Certified Information Privacy Manager).
• Familiarity with privacy management and automation tools.

Cultural fit

• Takes ownership and drives outcomes with confidence - you don’t wait to be told what needs doing.
• Naturally curious and proactive about regulatory developments and how they affect the business from a practical perspective.
• Builds strong, genuine partnerships with colleagues across Legal, Technology and senior business stakeholders.
• Comfortable working across time zones and adapting to the needs of a global team.
• Demonstrates a desire to go above and beyond, with a genuine commitment to embedding privacy as a core value across the organisation.
• Experience working in diverse teams, cultural awareness and willingness to adjust work hours to time zone requirements from time to time.

Where you’ll be

This role is based in our Johannesburg office, with an expectation of a minimum of three days per week in the office.