Skip to main content
Madison Money Market Fund Daily Yield: 14.50% Effective Annual Yield: 15.51% Madison Fixed Income Fund Daily Yield: 14.95% Effective Annual Yield: 16.02%

Madison Group Limited (“the Group”) is a leading provider of insurance and fund investment services in Kenya.  The Group operates three subsidiaries namely: Madison General Insurance Kenya Limited, Madison Life Assurance Kenya Limited, and Madison Investment Managers Limited, all headquartered at Madison House.

Role Purpose

The purpose of this role is to establish, implement, and enforce a robust group-wide Data Protection Compliance framework and systems to ensure the Group and its subsidiaries are compliant with the Data Protection Law and regulations.

The job holder will be a member of the Data Protection Technical Committee (DPTC) responsible for implementing Information Risk and Data Protection programs with the Group.

Duties and Responsibilities

  • Advise the Group and employees on data processing requirements provided under this Act or any other written law;
  • Ensure on behalf of the Group, that the Data Protection Act is complied with;
  • Facilitate capacity building of staff involved in data processing operations;
  • Provide advice on data protection impact assessment;
  • Co-operate with the Data Commissioner and any other authority on matters relating to data protection;
  • Defining a Group Data Protection compliance program;
  • Champion Data Protection compliance;
  • Develop data protection implementation plan and strategies;
  • Interpreting data in relation to data protection laws;
  • Analyzing and classifying data on behalf of the Group;
  • Identifying patterns and trends in data sets;
  • Regularly Conduct Data Protection Impact Assessment;
  • Implementing an effective compliance training program on data protection;
  • Identify, analyze, and interpret trends or patterns in complex data sets;
  • Coordinate reporting of data breaches to data protection commissioner;
  • Respond to all data protection queries on behalf of the Group;
  • Issue and respond to any notice on data breach;
  • Work with the Data Protection Committee to align data protection policies with the relevant laws;
  • Work with management to prioritize business and information security needs;
  • Identify and define new process improvement opportunities on data protection;
  • Develop, monitor, and update detailed data protection policies and procedures;
  • Report on compliance gaps noted and ensure that the needed improvements are recommended;
  • Work with legal team to ensure full compliance with all data protection laws;
  • Promote a culture of data protection across all departments of the organization.

Qualifications, Experience and Competencies

  • Bachelor’s Degree in Computer science, information technology or law from a reputable institution;
  • Knowledge of Data Protection Act & General Data Protection Regulations (GDPR) is an added advantage;
  • Professional certifications in (e.g. CISA, CISM) or CISSP or similar certification;
  • Professional certification in privacy such as CIPP;
  • Minimum of 3 years experience in an IT security, risk management, compliance or audit-related role, preferably within the insurance or banking industry at a senior level.

How to Apply

Qualified candidates are requested to forward their applications together with their CVs and copies of documents to the Group HR Manager on not later than 31st March 2022. 

Close Menu