Junior Management Position – Data Privacy & Protection

Our client, a Karachi-based, State Bank of Pakistan (SBP) regulated Electronic Money Institution (EMI), seeks to appoint an experienced professional for the following role:

The role of Data Privacy & Protection is responsible for establishing, implementing, and maintaining the organization's security, data privacy and protection framework in line with regulatory requirements and international best practices. This role ensures that personal and sensitive data processed within the EMI's digital payment ecosystem is adequately protected, managed, and governed in compliance with applicable regulations (including central bank requirements such as SBP), as well as global standards such as GDPR and PCI DSS.

• →Data Privacy Framework & Governance: Establish, implement, and maintain the organization's data privacy and protection framework, policies, and procedures in alignment with applicable regulations (including SBP guidelines), GDPR, PCI DSS, and other relevant standards governing the digital payment ecosystem.
• →Regulatory Compliance & Reporting: Ensure continuous compliance with central bank (SBP) requirements, data protection laws, and industry regulations. Manage regulatory reporting, respond to supervisory inquiries, and maintain evidence of compliance for audits and examinations.
• →Data Protection Impact Assessments (DPIAs): Conduct DPIAs for new products, systems, and third-party integrations to identify and mitigate privacy risks associated with the processing of personal and sensitive data.
• →Consent Management & Data Subject Rights: Oversee the implementation of consent management mechanisms. Manage and respond to data subject access requests (DSARs), including requests for access, rectification, erasure, and data portability, ensuring timely and compliant resolution.
• →Third-Party & Vendor Risk Management: Assess and monitor data protection practices of third-party vendors, service providers, and partners handling EMI data. Ensure contractual agreements include necessary data protection clauses and compliance with data localization and security requirements.
• →Breach Management & Incident Response: Lead the identification, investigation, and reporting of personal data breaches. Coordinate with internal stakeholders (including security, legal, and IT) to manage incident response, mitigation, and regulatory notification within mandated timeframes.
• →Awareness & Training: Develop and deliver data privacy and protection awareness programs for employees, ensuring a culture of compliance and accountability across the organization.
• →Policy Enforcement & Monitoring: Continuously monitor data processing activities to ensure adherence to privacy policies. Conduct periodic reviews, audits, and gap analyses to identify areas for improvement and recommend remediation measures.

• Minimum 16 years of education, preferably a Bachelor's degree in Information Technology, or a related field from an HEC-recognized or equivalent foreign institution.

• Minimum 3-4 years of professional experience, preferably in a large national/multinational organization with at least 1-2 years of related functional experience in a similar role at an equivalent position.
• Experience in a bank, EMI, fintech, or regulated financial institution growth functions is preferred.

• Collaborative Execution – Experience managing multi-stakeholder campaigns, especially in coordination with external partners and retail-facing brands.
• Team Player – Ability to work in teams or agency partners to deliver high-impact creative and campaign outputs.
• Agility & Entrepreneurial Mindset – Thrives in a fast-paced startup setting, with a bias toward action and innovation.

• The candidate should preferably be not more than 33 years of age as of the last date of submission of application.

This advertisement is published on 28 April 2026. The last date to apply is 07 May 2026. Candidates who possess the required experience and educational qualifications to undertake this challenging role are encouraged to submit their applications at https://hrsi.careers-page.com/

Only shortlisted candidates will be contacted.

www.hrs-int.com