SiFi is a rapidly growing B2B Fin-Tech company transforming expense management for businesses in Saudi Arabia. As a licensed EMI from the Saudi Central Bank, we empower companies with innovative tools to simplify finance management.

Position Overview

The Data Protection & Governance Specialist is responsible for establishing and managing the organization’s data protection, privacy, and data governance program. The role ensures compliance with the Saudi Personal Data Protection Law (PDPL) and National Data Management Office (NDMO) requirements.

The role coordinates the development of governance frameworks, policies, and operational practices that ensure personal and organizational data are managed securely, responsibly, and in accordance with regulatory expectations.

The position works closely with cybersecurity, legal, compliance, technology, and business teams to embed data governance and privacy practices across the organization.

Key Responsibilities

​

Personal Data Protection (PDPL)

• Establish and maintain the organization’s privacy governance framework.

• Develop and maintain data protection policies, procedures, and standards.

• Define data privacy-related KPIs and monitor them periodically.

• Lead and coordinate Privacy Impact Assessments (PIA / DPIA) for systems and initiatives involving personal data.

• Maintain records of personal data processing activities.

• Ensure processes exist to manage data subject rights requests (access, correction,deletion).

• Support incident response processes related to personal data breaches.

• Provide guidance to internal teams regarding proper handling of personal data.

• Support regulatory alignment with the Saudi Personal Data Protection Law (PDPL).

Data Governance & NDMO Compliance

• Lead the implementation of a data governance framework aligned with NDMO standards.

• Establish and maintain the organization’s data classification framework.

• Define and coordinate data ownership and stewardship models across the organization.

• Develop policies governing data lifecycle management, including retention and disposal.

• Support implementation of data quality management and metadata standards.

• Maintain data inventory and data asset management documentation.

• Coordinate NDMO compliance assessments and remediation activities.

Governance Coordination & Awareness

• Promote awareness of data protection and data governance requirements across theorganization.

• Provide guidance to business units on proper data handling and classification.

• Support the development of training programs related to data protection and governance.

• Coordinate with Legal, Compliance, Risk, and Technology teams to ensure regulatory alignment.

- Strong understanding of data protection and privacy principles.

- Knowledge of data governance frameworks and regulatory compliance.

- Ability to develop policies and governance documentation.

- Strong stakeholder coordination and communication skills.

- Strong analytical and organizational capabilities.