Data Protection Officer

Data Protection Officer (DPO)

Location: Pretoria, Gauteng
Employment Type: Full-Time | Onsite
Salary: ZAR 1,100,000 gross per annum

A well-established organisation is seeking a highly experienced Data Protection Officer to lead enterprise-wide data privacy, POPIA compliance, and information governance initiatives. This is a strategic leadership role responsible for embedding privacy-by-design across business operations while ensuring regulatory compliance, risk mitigation, and strong stakeholder engagement at executive and board level.

The successful candidate will act as the organisations authoritative voice on data protection, guiding both operational and strategic decision-making in a complex, regulated environment.

• Design, implement, and continuously enhance data protection frameworks, policies, and controls ensuring lawful and ethical processing of personal information.

• Lead POPIA and PAIA compliance across the Group, including governance standards, procedures, privacy tools, and mandatory documentation.

• Conduct and oversee Privacy Impact Assessments (PIAs/DPIAs) and drive remediation plans.

• Manage data incidents, breaches, and data subject requests, ensuring SLA compliance and regulatory alignment.

• Lead internal investigations and act as primary liaison for regulators, auditors, and key stakeholders.

• Develop and deliver privacy training and awareness programmes for executives, management, and operational teams.

• Present data privacy insights, risks, and progress reports to Boards, ExCo, and Governance Committees.

• Ensure delivery of statutory and regulatory reporting obligations.

• Provide expert advisory and consulting support on data protection, access to information, and emerging regulatory risks.

• Monitor local and international privacy trends and proactively integrate best practices.

• Ensure governance forums operate in line with legislative and privacy requirements.

• Review and approve privacy and security-related technical solutions.

• Lead organisation-wide privacy audits and continuous improvement initiatives.

• Manage and develop the privacy team, ensuring high-quality delivery, optimal resourcing, and performance management.

• Honours Degree in Law, Compliance, Information Systems, Risk Management, or a related discipline.

• CIPM certification (or equivalent recognised privacy qualification).

• Additional certification such as CISSP, CISM, or similar (highly advantageous).

• 8–10 years experience in data protection, data privacy, or information security, with strong compliance implementation exposure.

• At least 3 years leadership or people management experience.

• Demonstrated expert knowledge of POPIA and relevant information legislation.

• Proven experience in:

  • Compliance and risk assessments

  • Project and change management

  • Privacy governance and assurance