Data Privacy Manager I KSA I Financial Services I Orient Insurance PJSC

Apply now »

Date: 26 Mar 2026

Location: SA

Company: Al Futtaim Private Company LLC

 

Job Requisition ID: 177133 

 

Established in the 1930s as a trading business, Al-Futtaim Group today is one of the most diversified and progressive, privately held regional businesses headquartered in Dubai, United A”rab Emirates. Structured into five operating divisions; automotive, financial services, real estate, retail and healthcare; employing more than 35,000 employees across more than 20 countries in the Middle East, Asia and Africa, Al-Futtaim Group partners with over 200 of the world's most admired and innovative brands. Al-Futtaim Group’s entrepreneurship and relentless customer focus enables the organisation to continue to grow and expand; responding to the changing needs of our customers within the societies in which we operate. 

 

By upholding our values of respect, excellence, collaboration and integrity; Al-Futtaim Group continues to enrich the lives and aspirations of our customers each and every day.

 

Job Description

 

The Data Privacy Manager is responsible for developing, implementing, and maintaining the organization’s data privacy framework to ensure the protection of personal and sensitive data. The role ensures compliance with applicable data protection laws and regulatory requirements within the Saudi insurance sector while supporting business operations and digital initiatives.

 

What you will do 

 

1. Data Privacy Strategy & Governance

 

  • Develop and implement the organization’s data privacy strategy and framework.
  • Establish data privacy policies, procedures, and standards.
  • Ensure alignment with corporate governance and risk management frameworks.

 

2. Regulatory Compliance

 

  • Ensure compliance with applicable data protection regulations, including those issued by Saudi Data and Artificial Intelligence Authority and Saudi Central Bank.
  • Monitor regulatory developments and assess their impact on the organization.
  • Act as the primary point of contact for data privacy regulators.

 

3. Data Protection & Risk Management

 

  • Identify and assess data privacy risks across business processes and systems.
  • Implement controls to protect personal and sensitive data.
  • Conduct Data Protection Impact Assessments (DPIAs) for new projects and systems.

 

4. Policies & Procedures

 

  • Develop and maintain privacy notices, consent mechanisms, and data handling procedures.
  • Ensure proper data classification, retention, and disposal practices.
  • Align internal policies with local and international privacy standards.

 

5. Incident Management & Breach Response

 

  • Establish and manage data breach response processes.
  • Investigate and report data breaches in accordance with regulatory requirements.
  • Coordinate with IT and cybersecurity teams on incident handling.

 

6. Training & Awareness

 

  • Develop and deliver data privacy training and awareness programs.
  • Promote a culture of data protection across the organization.

 

7. Third-Party & Vendor Management

 

  • Assess and monitor third-party data processors and vendors.
  • Ensure appropriate data protection clauses in contracts and agreements.

 

8. Collaboration & Advisory

 

  • Work closely with legal, compliance, IT, and business units to ensure privacy-by-design.
  • Provide advisory support on data protection matters for new products and services.

 

Required Skills to be successful

 

  • Bachelor’s degree in Law, Information Security, IT, or related field (Master’s preferred).
  • Minimum 10+ years of experience in data privacy, compliance, or information security, preferably within the insurance or financial services sector.
  • Strong experience working within the Saudi regulatory environment.
  • Professional certifications such as CIPP/E, CIPM, or ISO 27701 Lead Implementer are highly preferred.

 

What equips you for the role

 

  • Strong knowledge of data protection laws and privacy frameworks.
  • Understanding of information security and cybersecurity principles.
  • Risk assessment and analytical skills.
  • Strong attention to detail and problem-solving abilities.
  • Excellent communication and stakeholder management skills.
  • Ability to translate legal and regulatory requirements into practical controls.

 

Key Relationships

 

  • Legal & Compliance Teams
  • IT & Cybersecurity Department
  • Risk Management
  • Internal Audit
  • External Vendors & Service Providers
  • Regulatory Authorities (e.g., Saudi Data and Artificial Intelligence Authority, Saudi Central Bank)

 

Performance Indicators (KPIs)

 

  • Compliance with data protection regulations
  • Number and severity of data breaches/incidents
  • Timeliness of breach reporting and response
  • Completion of DPIAs for new initiatives
  • Employee training and awareness levels
  • Third-party compliance with data privacy requirements

 

About Orient Insurance PJSC

 

Orient Insurance Company commenced operations in 1982 as a part of the reputed Al-Futtaim Group and has since recorded a progressively steady growth. The Company is counted among the leaders in the UAE insurance market. Orient Insurance Company has a paid-up capital of AED 500 million which is the highest in the insurance industry in UAE. With head office in Dubai, the company serves its clientele through an extensive branch network in Jebel Ali, Abu Dhabi, Al Ain, Sharjah and Ras Al Khaimah in UAE, Muscat in Sultanate of Oman, Riyadh in Kingdom of Saudi Arabia and Bahrain.