About Risk Management
Risk Management is responsible for the analysing and mitigating the risks within the MFSA. The Risk
Management team is responsible for providing the strategic input and direction with regards to the risk appetite and ensure that the defined risk appetite is compliant with the requirements set out by the European Supervisory Authorities (ESAs). The Risk Management section is also responsible for ensuring that the internal processes and procedures of the MFSA comply with European Standards and offers recommendations on how these can be improved through risk and quality perspectives.
The eventual appointee will be appointed at senior manager level and will ensure that the authority processes the personal data of its staff, customers, providers or any other individuals (also referred to as data subjects) in compliance with the applicable data protection rules.
As Senior Manager in Grade 5, the eventual appointee will be expected to:
- Carrying out compliance duties in relation to the MFSA in observance of the Data Protection Act, such as, but not limited to, maintaining a registry of processes of personal data, performing an annual stock-take of new personal data processes including review of retention period and maintaining relations with the Office of the Information and Data Protection Commissioner;
- Carry out compliance duties in relation to the MFSA in preparation for and in observance of the General Data Protection Regulation (‘GDPR’) and be involved in all issues which related to the protection of personal data;
- Provide on-going training to staff members on data protection;
- Ensure they assist and support individuals who have issues concerning data management/breaches for all matters concerning data protection;
- Inform the authority and the employees who carry out-processing of their obligation pursuant to the GDPR and other relevant Data Protection regulations;
- Ensure to keep up to date with all changes/amendments to the applicable data protection laws;
- Monitor GDPR and other data compliance with the policies of the Authority in relation to the protection of personal/MFSA data including the assignment of responsibility, awareness training and training of staff involved in processing operations and the related audits;
- Provide advice when requested with regards to the Data Privacy Impact Assessment (DPIA) and monitor its performance;
- To act as point of contact with the Information & Data Protection Commissioner on issues relating to processing, including the prior consultation and to consult where appropriate on other matters;
- Have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purpose of processing;
- Be bound by confidentiality concerning the performance of task and duties in accordance to EU and national law;
- Fulfil other tasks and duties as instructed by Head of Risk Management or such person delegated by such person.
The role will report to the Head of Risk Management and have direct access to the highest Senior Management of the MFSA, the Chief Executive Officer.
We are looking for a candidate with an Honours Degree in Law or related to Data Protection requirements. A relevant post-graduate degree would be considered an asset.
You will also possess a minimum of seven (7) years working in a similar post, with solid experience in data protection. Familiarity to financial services regulatory framework and experience within compliance would be considered an asset.
In addition, strong leadership and people management skills are needed, along with the ability to manage competing priorities and a challenging workload.
If you do not have the necessary academic or professional qualifications but you have at least fifteen (15) years of relevant experience in a similar related role, we would still be interested in speaking with you.
*Dear Candidate, kindly note that this role is not managed by Castille. MFSA, in this case, is responsible to manage the application process. In case of any difficulties, feel free to contact firstname.lastname@example.org, and we will direct your query to the relevant contact at MFSA.