Senior Executive Manager – Data Management

Role Purpose

The Senior Executive Manager – Data Management leads Bupa Arabia's compliance with the National Data Management Office (NDMO) framework and the Saudi Personal Data Protection Law (PDPL). This role owns the delivery of Track 3 of the Data Modernization Program - ensuring all data governance, data quality, data management, and data protection obligations are met in full, on schedule, and auditable by the Insurance Authority.

The role sits at the intersection of regulatory compliance, data architecture, and change management. The Senior Executive Manager translates NDMO requirements into actionable governance frameworks, stewardship structures, and operational processes - working directly with EY, the platform team (Track
1), and the AI team (Track
2) to ensure governance is embedded across every layer of the new platform, not bolted on afterwards.

With PDPL fully complete (23/23 deliverables), Data Governance at 40%, Data Management at 22%, and the Data Catalog (MCM) impeded by a Track 1 dependency, the role must accelerate remaining deliverables, hold EY accountable to completing the Data Catalog independently, and ensure Bupa Arabia passes its NDMO compliance audit by the 12‑month program milestone.

• Own all Track 3 NDMO deliverables – accelerate Data Governance from 40% to 100% and Data Management from 22% to 100% within programme timeline
• Drive sign‑off on all Pending Sign‑Off deliverables:
  Data Strategy (DG.1.1, DG.1.2, DG.1.3), Data Management Plans across all 12 domains, Policy gap analysis, and TOM approval
• Prepare Bupa Arabia for the NDMO compliance audit at 12‑month milestone – maintain an audit‑ready evidence pack for all 155 deliverables (excl. Data Catalog)
• Coordinate with EY programme team to track remaining obligations and ensure no deliverable gaps remain open at programme close

• Lead EY's continued delivery of the Data Catalog (MCM) independently of Track 1 – the Catalog must be built and populated without waiting for the full GCP platform
• Oversee all 18 MCM deliverables:
  Data Sources Prioritization, Metadata Population, Metadata Quality, Metadata Annotation, Certification, Catalog Tool (MCM 5.1–5.4), and KPI reporting
• Define a phased delivery plan: manual metadata population first, automated GCP Dataplex integration second – ensuring regulatory coverage is not delayed by platform timelines
• Ensure Data Catalog integrates with GCP Dataplex once Track 1 is live – seamless handover from manual to automated catalogue

• Finalize and obtain approval for Bupa Arabia's Data Management and Personal Data Protection Policy (DG.2.2), Data Architecture Policy (DAM.
  2.1), and all 12 domain‑specific data management plans
• Implement and ope rationalise the TOM for data governance – including all 11 roles: CDO, Governance Officer, Compliance Officer, Data Protection Officer, Business Data Stewards, and IT Data Stewards
• Establish and chair the Entity Data Management Committee (DG.4.2) – monthly governance forum with CDO, domain owners, and IT representation
• Lead the Data Strategy refresh and socialisation (DG.1.1, DG.1.2, DG.1.4) – ensuring alignment with Vision 2030, NDMO, and Bupa Arabia's Data Modernisation Programme

• Maintain all PDPL obligations already completed: 24 RoPA, 20 DPIA, breach notification procedures, consent management, and third‑party vendor assessments
• Close all PDPL items still pending:
  Compliance Monitoring, Processing Principles, Data Collection Policy, Legal Basis, Disclosure Policy, Data Retention, Technical Measures, and Advertising Policy
• Conduct quarterly PDPL compliance monitoring and audit reviews – maintain continuous compliance, not point‑in‑time readiness
• Manage data subject rights requests end‑to‑end: receipt, triage, fulfilment within statutory time frames, and logging

• Build and ope rationalise the enterprise DQ framework – DQ rule development, monitoring dashboards, SLAs, and issue resolution processes across all critical data…