Under the general direction of the Executive Director, the Data Protection Officer is responsible for ensuring the Agency operates in accordance with the Data Protection Act2020. The incumbent is also responsible for providing technical advice and coordinating all aspects relating to data privacy. S\/he will play a critical role in safeguarding the privacy rights of individuals for whom data is held or processed by the CCCJ and will ensure that sensitive data is protected in accordance with the law.<\/p>\n\n\n\n
\u2022 External regulations (Data Protection Act) and internal controls adhered to<\/p>\n\n\n\n
\u2022 Data Protection framework and strategy developed and implemented<\/p>\n\n\n\n
\u2022 Data protection impact assessments conducted<\/p>\n\n\n\n
\u2022 Breaches identified and notifications prepared<\/p>\n\n\n\n
\u2022 Reports prepared and submitted<\/p>\n\n\n\n
\u2022 Continuous monitoring conducted<\/p>\n\n\n\n
\u2022 Adherence\/compliance with standards monitored<\/p>\n\n\n\n
\u2022 Governance and accountability mechanisms evaluated and recommendations made<\/p>\n\n\n\n
\u2022 Research and analysis conducted and findings documented<\/p>\n\n\n\n
\u2022 Continuous improvement strategies developed and implemented<\/p>\n\n\n\n
\u2022 Advice and recommendations provided<\/p>\n\n\n\n
\u2022 Sensitization sessions conducted<\/p>\n\n\n\n
Technical<\/strong>\/<\/strong>Professional<\/strong>Responsibilities<\/strong><\/p>\n\n\n\n \u2022 Implementing measures and a privacy governance framework to manage data use in compliance with the Data Protection Act, including developing templates for data collection, and assisting with data mapping<\/p>\n\n\n\n \u2022 Ensuring that the Council of Community Colleges of Jamaica (CCCJ) processes personal data in compliance with the data protection standards and the Data Protection Act and good practice<\/p>\n\n\n\n \u2022 Consulting with the Office of the Information Commissioner (OIC) to resolve any doubt about how the provisions of the Data Protection Act and any Regulations made thereunder are to be applied<\/p>\n\n\n\n \u2022 Ensuring that any contravention of the data protection standards or any provisions of the Data Protection Act by the CCCJ is dealt with in accordance with the provisions of the Data Protection Act<\/p>\n\n\n\n \u2022 Keeping abreast of Jamaica Data Protection laws and regulations, and industry best practices and international laws including the European Union’s General Data Protection Regulations (GDPR), Electronic Privacy Act and other international data protection laws.<\/p>\n\n\n\n \u2022 Notifying in writing, the Data Controller of any contravention of the data protection standards or any provisions of the Data Protection Act<\/p>\n\n\n\n \u2022 Investigating and responding to data security breaches or security incidents promptly, ensuring appropriate notices are provided to the regulatory authorities, affected individuals, and other relevant parties as required by law<\/p>\n\n\n\n \u2022 Reporting any contravention by CCCJ of the data protection standards or any provisions of the Data Protection Act to the OIC, if the contravention is not rectified within reasonable time after the notification<\/p>\n\n\n\n \u2022 Assisting data subjects in the exercise of their rights under the Data Protection Act, in relation to the CCCJ<\/p>\n\n\n\n \u2022 Developing internal policies and procedures related to the processing of personal data<\/p>\n\n\n\n \u2022 Making recommendations for the appropriate organisational and technical measures to<\/p>\n\n\n\n ensure the security of personal data<\/p>\n\n\n\n \u2022 Serving as the primary contact for the OIC on issues relating to the processing of data, and to consult, where appropriate, with regard to any other matter<\/p>\n\n\n\n \u2022 Developing and implementing Standard Operating Procedures (SOPs) for addressing all complaints pertaining to the CCCJ’s privacy policies and procedures<\/p>\n\n\n\n \u2022 Providing advice\/information to the CCCJ and its employees on their obligations under the Data Protection Act and state data protection provisions<\/p>\n\n\n\n \u2022 Managing and conducting ongoing reviews of the CCCJ’s Data Protection Framework.<\/p>\n\n\n\n \u2022 Disseminating current information on policies, procedures and legislation for the CCCJ’s staff to be aware as well as to promote the quality culture<\/p>\n\n\n\n \u2022 Developing and implementing approved certification mechanisms to exhibit compliance<\/p>\n\n\n\n \u2022 Monitoring and evaluating recommendations implemented for addressing weakness and deficiencies in relation to the processing of personal data<\/p>\n\n\n\n \u2022 Preparing reports and presentations on analysis and findings<\/p>\n\n\n\n \u2022 Conducting a data protection Impact Assessment in respect of all personal data in the custody or control of the CCCJ<\/p>\n\n\n\n \u2022 Conducting periodic assessments to identify potential risks, gaps, or breaches in data protection and develop strategies to mitigate these risks.<\/p>\n\n\n\n \u2022 Conducting sensitization sessions for staff on the components of the Data Protection Act, Regulations and policies<\/p>\n\n\n\n \u2022 Collaborating with the CCCJ’s ICT Division in the maintenance of a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications and responding to subject access requests<\/p>\n\n\n\n \u2022 Collaborating with the relevant officers from the Internal Audit Unit, Legal Services Unit and other key stakeholders to monitor, implement and analyse compliance programme<\/p>\n\n\n\n \u2022 Participating in the collection of data, analysis and reports on key performance measures<\/p>\n\n\n\n \u2022 Providing responses to comments and queries from data subjects in relation to the processing of personal data<\/p>\n\n\n\n \u2022 Providing regular reporting to the Executive Director and the Executive Team of the CCCJ on data protection activities, compliance status and emerging privacy risks<\/p>\n\n\n\n \u2022 Monitoring changes to local privacy laws and makes recommendations where necessary the relevant data privacy and protection law, regulation and policy<\/p>\n\n\n\n \u2022 Participating in the collection of data, analysis and reports on key performance measures<\/p>\n\n\n\n \u2022 Providing responses to comments and queries from data subjects in relation to the processing of personal data<\/p>\n\n\n\n \u2022 External regulations (Data Protection Act) and internal controls adhered to within accordance with legislative framework.<\/p>\n\n\n\n \u2022 Data Protection framework and strategy developed and implemented within accordance with legislative Framework<\/p>\n\n\n\n \u2022 Data protection impact assessments conducted within agreed timeframes<\/p>\n\n\n\n \u2022 Breaches identified and notifications prepared within agreed timeframes<\/p>\n\n\n\n \u2022 Reports prepared and submitted within agreed timeframes<\/p>\n\n\n\n \u2022 Continuous monitoring conducted within accordance with legislative framework<\/p>\n\n\n\n \u2022 Adherence\/compliance with standards monitored within accordance with legislative framework<\/p>\n\n\n\n \u2022 Governance and accountability mechanisms evaluated and recommendations made<\/p>\n\n\n\n \u2022 Research and analysis conducted and findings documented within accordance with legislative framework<\/p>\n\n\n\n \u2022 Continuous improvement strategies developed and implemented within accordance with legislative Framework<\/p>\n\n\n\n \u2022 Technical advice and recommendations provided within agreed timeframes<\/p>\n\n\n\n \u2022 Sensitization sessions conducted within agreed timeframe<\/p>\n\n\n\n Internal<\/strong><\/p>\n\n\n\n External<\/strong><\/p>\n\n\n\n Core<\/strong><\/p>\n\n\n\n \u2022 Excellent oral and written communication<\/p>\n\n\n\n \u2022 Excellent presentation skills<\/p>\n\n\n\n \u2022 Excellent analytical, judgment, decision making and problem-solving skills<\/p>\n\n\n\n \u2022 Excellent planning and organizing skills<\/p>\n\n\n\n \u2022 Excellent interpersonal skills to foster harmonious working environment<\/p>\n\n\n\n \u2022 Strong Customer Service and quality focus skills<\/p>\n\n\n\n \u2022 High level of integrity and confidentiality<\/p>\n\n\n\n Technical<\/strong><\/p>\n\n\n\n \u2022 Sound knowledge of applicable laws, policies, regulation and procedures<\/p>\n\n\n\n \u2022 Good knowledge of auditing techniques and practices<\/p>\n\n\n\n \u2022 Good knowledge of risk management techniques and strategies<\/p>\n\n\n\n \u2022 Knowledge of Corporate Governance Framework for Public Bodies in Jamaica<\/p>\n\n\n\n \u2022 Good knowledge and understanding of GOJ policies and programmes an the machinery of government<\/p>\n\n\n\n \u2022 Understanding data management and information security principle, including encryption, access controls and risk management<\/p>\n\n\n\n \u2022 Good critical reasoning, quantitative and qualitative analysis skills<\/p>\n\n\n\n \u2022 Knowledge of change management principles and practices<\/p>\n\n\n\n \u2022 Strong environmental scanning, analysis and interpretive skills<\/p>\n\n\n\n \u2022 Strong negotiating and persuasive presentation skills<\/p>\n\n\n\n \u2022 Experience in conducting data protection impact assessments and developing privacy policies, procedures, and guideline<\/p>\n\n\n\n \u2022 Experience with handling data breaches, incidents, and interactions with the Office of the Information Commissioner<\/p>\n\n\n\n \u2022 Proficiency in the use of the relevant computer applications<\/p>\n\n\n\n \u2022 Bachelors’ degree in Computer Science, Audit or equivalent qualification from recognized tertiary institution<\/p>\n\n\n\n \u2022 Certification in Information Security, Data Protection and\/or Privacy Certification such as CIPP, CIPT, ISEB, etc. (preferred)<\/p>\n\n\n\n \u2022 Exposure to legal training would be an asset<\/p>\n\n\n\n \u2022 Sound knowledge of the Data Protection Act and other applicable data protection policies.<\/p>\n\n\n\n \u2022 One (1) year related work experience<\/p>\n\n\n\n Authority To:<\/strong><\/p>\n\n\n\n \u2022 Recommend security procedures and maintenance for Data Protection<\/p>\n\n\n\n \u2022 Report breaches to the OIC<\/p>\n\n\n\n \u2022 Develop and review data protection policies<\/p>\n\n\n\n \u2022 Maintain risk and breach register<\/p>\n\n\n\n \u2022 Take remedial action for breaches<\/p>\n\n\n\n \u2022 Conduct training and sensitization relating to data protection<\/p>\n\n\n\n \u2022 Data Protection Security Audits<\/p>\n\n\n\n \u2022 Recommends appropriate standards<\/p>\n\n\n\n \u2022 Recommends improvements in corporate governance framework<\/p>\n\n\n\n \u2022 Recommends changes to regulatory framework<\/p>\n\n\n\n \u2022 Access to highly personal confidential and sensitive data\/information<\/p>\n\n\n\n \u2022 Normal office working environment<\/p>\n\n\n\n \u2022 May be required to work beyond normal work hours in order to meet deadlines.<\/p>\n\n\n\n \u2022 May be required to work on public holidays\/weekends<\/p>\n\n\n\n \u2022 Possession of a valid Drivers’ Licence and a reliable motor vehicle<\/p>\n\n\n\n Salary scale<\/strong>: $4 266 270.00 \u2013 $5 737 658.00 per annum<\/strong><\/p>\n\n\n\n Application, accompanied with resume, should be submitted<\/strong><\/p>\n\n\n\n No later than Monday, 2026 May 11<\/strong><\/p>\n\n\n\n to<\/strong><\/p>\n\n\n\n Manager, Human Resource Management and Development<\/strong><\/p>\n\n\n\n The Council of Community Colleges of Jamaica<\/strong><\/p>\n\n\n\n 37 East Street<\/strong><\/p>\n\n\n\n Kingston<\/strong><\/p>\n\n\n\n Or<\/strong><\/p>\n\n\n\n Email: hr@cccj.edu.jm<\/strong><\/p>\n\n\n\n Subject: Data Protection Officer<\/strong><\/p>\n\n\n\n Please note the tenure is from 2026 May to 2026 October 31 (Subject to the Government of Jamaica Review)<\/strong><\/p>\n\n\n\n We thank all applicants for expressing interest; however, only shortlisted candidates will be contacted.<\/p>\n\n\n\n This description may not contain every conceivable duty or task associated with the job.<\/strong> The job holder may, from time to time, be required to perform other tasks and activities<\/strong> which are not enumerated but which are reasonably related to the overall purpose of the<\/strong> position.<\/strong><\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" Job Prupose Under the general direction of the Executive Director, the Data Protection Officer is responsible for ensuring the Agency operates in accordance with the Data Protection Act2020. The incumbent is also responsible for providing technical advice and coordinating all aspects relating to data privacy. S\/he will play a critical role in safeguarding the privacy […]<\/p>\n","protected":false},"author":1,"template":"","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"class_list":["post-22000","awsm_job_openings","type-awsm_job_openings","status-expired","hentry","job-category-executive-suite","job-location-kingston","pmpro-has-access"],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cccj.edu.jm\/site\/wp-json\/wp\/v2\/awsm_job_openings\/22000","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cccj.edu.jm\/site\/wp-json\/wp\/v2\/awsm_job_openings"}],"about":[{"href":"https:\/\/cccj.edu.jm\/site\/wp-json\/wp\/v2\/types\/awsm_job_openings"}],"author":[{"embeddable":true,"href":"https:\/\/cccj.edu.jm\/site\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/cccj.edu.jm\/site\/wp-json\/wp\/v2\/media?parent=22000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}PerformanceStandards<\/strong><\/h4>\n\n\n\n
Contacts<\/strong><\/h4>\n\n\n\n
Contact (Title)<\/td> Purpose of Communication<\/td><\/tr> Executive Director<\/td> To receive and provide guidance and technical advice<\/td><\/tr> Internal Audit<\/td> To provide technical advice and guidance<\/td><\/tr> Technological Services Division<\/td> To provide technical advice and guidance<\/td><\/tr> Department\/Divisional Heads<\/td> To provide technical advice and guidance<\/td><\/tr> All Staff members<\/td> To provide technical advice and guidance<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n Contact (Title)<\/td> Purpose of Communication<\/td><\/tr> Office of the Information Commissioner<\/td> To obtain and share information relating to the administration of the act<\/td><\/tr> Ministries, Departments & Agencies<\/td> To receive and provide information, consultation<\/td><\/tr> Regional\/International Partners<\/td> To receive and provide information<\/td><\/tr> Members of the Public<\/td> To receive and provide information<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n Required Competencies<\/strong><\/h4>\n\n\n\n
Minimum Required Education and Experience<\/strong><\/h4>\n\n\n\n
Specific Conditions associated with the Job<\/strong><\/h4>\n\n\n\n
REMUNERATION<\/strong><\/h4>\n\n\n\n