×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Data Security Information Security

Senior Manager - Data Privacy

Job in Dubai, Dubai, UAE/Dubai
Listing for: GMG
Full Time position
Listed on 2026-02-19
Job specializations:
  • IT/Tech
    Data Security, Information Security
Salary/Wage Range or Industry Benchmark: 120000 - 200000 AED Yearly AED 120000.00 200000.00 YEAR
Job Description & How to Apply Below

GMG is a global well-being company retailing, distributing and manufacturing a portfolio of leading international and home-grown brands across sport, everyday goods, health and beauty, properties and logistics sectors. Under the ownership and management of the Baker family for over 45 years, GMG is a valued partner of choice for the world's most successful and respected brands in the well-being sector.

Working across the Middle East, North Africa, and Asia, GMG has introduced more than 120 brands across 12 countries. These include notable home-grown brands such as Sun & Sand Sports, Dropkick, Supercare Pharmacy, Farm Fresh, Klassic, and international brands like Nike, Columbia, Converse, Timberland, Vans, Mama Sita's, and McCain.

Role Overview

You will own the privacy framework, ensure regulatory compliance across multiple jurisdictions in GCC and Southeast Asia, drafting and reviewing relevant policies and contracts, partner with business and technology teams, lead risk mitigation, support privacy risk assessments and audits and provide strategic counsel to the executive leadership. You will act as the central authority for data privacy strategy, risk assessments, breach response, RoPA governance, and engagement with regulators.

The role will work closely with internal stakeholders to embed privacy best practices across all business functions.

Key Responsibilities
  • Develop, implement, and maintain the organization’s data protection and privacy policies and frameworks. aligned to global standards.
  • Own and maintain the Privacy Governance Framework: enterprise privacy policy, notices, DPIA/PIA standards, data retention & minimization standard, cross-border data transfer SOPs, records of processing (RoPA), Data Subject Access Requests (DSAR) and incident response playbooks.
  • Advise on data privacy laws and regulations impacting the business across jurisdictions.
  • Develop and oversee control systems to prevent or deal with violations of internal policies.
  • Ensure that the all related regulatory compliance obligations are met.
  • Monitor developments in data privacy laws and recommend necessary updates to policies.
  • Partner closely with Security, IT, Product, HR, Marketing, and Data teams on minimization, pseudonymization/aggregation, anonymization standards, and secure disposal.
  • Review, draft, and negotiate contracts with data protection clauses (e.g., DPAs, SCCs).
  • Lead cross-border transfer compliance (e.g., model clauses, transfer risk assessments, adequacy evaluations, supplementary measures)
  • Conduct spot checks and audits on user access, retention compliance, and deletion practices.
  • Conduct and approve DPIAs/PIAs, legitimate interest assessments, and high-risk processing reviews (biometrics, monitoring, profiling, sensitive data).
  • Embed privacy-by-design into project and product life cycles; review solution architectures, data flows, and purpose limitation.
  • Serve as mandatory sign off authority in change management and project governance.
  • Design and manage the DSAR handling framework, including verification standards and system-wide search procedures.
  • Review complex or high risk DSAR cases.
  • Lead incident triage, investigation, and escalation processes in collaboration with IT/Security.
  • Define breach classification criteria, notification requirements, regulatory timelines, and forensic documentation standards.
  • Support internal investigations and audits related to data privacy.
  • Support incident response teams in the event of a data breach.
  • Develop and deliver role based training for frontline staff, IT teams, HR, marketing, operations, and healthcare service lines.
  • Promote privacy awareness through campaigns, case studies, and compliance reminders.
  • Ensure employee and vendor compliance through training and awareness programs.
  • Act as the organisation’s primary point of contact with data protection authorities.
  • Coordinate registrations/notifications (where required), DPO appointments (statutory/voluntary), and regulator engagement.
  • Liaise with data protection authorities when required.
  • Maintain Data Privacy dashboard and quarterly reporting to the management.
Skills & Experience
  • Bachelor’s degree in Law (LLB or equivalent),…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search