Salary: $5,198,035 to $6,990,779 per annum
JOB PURPOSE
Under the direction of the Permanent Secretary, the Data Protection Officer (DPO) is responsible for monitoring the Ministry’s data practices ensuring that all functions carried out by the Ministry are in accordance with the provisions of the Data Protection Act (2020). The incumbent will be accountable for monitoring internal compliance and providing guidance to the Ministry on data protection obligations. Additionally, the DPO will serve as a primary point of contact for supervisory authorities, such as Office of the Information Commissioner, and individuals whose data is processed by the Ministry.
KEY RESPONSIBILITY AREAS
- Management/Administrative
- Contributes to the development of Operational Plans and Budget;
- Prepares and submits reports as required;
- Represents the Permanent Secretary at local and regional meetings, conferences and other fora as directed;
- Keeps abreast of best practices within the information technology field so as to remain informed of current information;
- Provides guidance/sound, technical advice on matters relating to the work of the Ministry and its portfolio Agencies and Departments.
- Technical/Professional
- Design and implement a comprehensive Data Privacy Governance Framework and strategies to effectively manage the use of personal data in accordance with the provisions of the Data Protection Act.
- Establish and maintain appropriate systems and internal control mechanisms that align with the prescribed standards of the Data Protection Act.
- Ensure that the Ministry and its operational processes pertaining to data processing adhere to the established data protection standards and regulations.
- Implement strategies to enhance operational processes and ensure processes are in compliance with regulatory requirements.
- Design and implement Data Protection policies and procedures within the Ministry.
- Ensure that breaches of the data protection standards or violations of the provisions outlined in the Data Protection Act are addressed promptly.
- Review and update the Data Protection Plan regularly to ensure it aligns with any changes in laws, regulations, and policies.
- Ensure the timely collection of data, analysis, and reporting of data on key performance measures.
- Maintain a robust system to address and respond to queries and complaints.
- Ensure proper management and maintenance of personal data records, in compliance with data protection standards.
- Sensitise and train staff on the components of relevant Acts, Regulations and Policies related to data.
- Apprise data controllers and data subjects about their rights, obligations, and responsibilities regarding data protection.
- Provide advice and recommendations to staff and the Permanent Secretary regarding the interpretation and application of data protection rules.
- Collaborate with the Information and Communication Technology Branch to ensure compliance with the Data Protection Act in the Ministry’s ICT system.
- Collaborate with the Information and Communication Technology Branch to manage data security incidents and ensure timely resolution of issues such as security breaches, complaints, or subject access requests.
- Provide legislative advice and guidance to the Permanent Secretary regarding any gaps identified from the outcome of the Data Protection and Privacy Impact Assessment.
- Liaise with the Office of the Information Commissioner to address data protection matters and clarify or resolve any doubts regarding the application of the Act’s provisions.
- Collaborate with the Internal Audit Division, Legal Services Division, and other key stakeholders to monitor, implement and analyse compliance programmes.
- Perform any other reasonable duties that may be assigned from time to time.
REQUIRED SKILLS AND COMPETENCIES
Technical
- Sound knowledge and understanding of GOJ policies and programmes and the machinery of government
- Sound knowledge of applicable laws, policies, regulation and procedures
- Expert knowledge of the data protection law and practices
- Knowledge of change management principles and practices
- Expert knowledge of auditing techniques and practices
- Good knowledge of risk management techniques and strategies
- Excellent customer and quality focus
- Proficiency in the use of Microsoft Office Suite and other relevant computer applications and systems
Core
- Oral and written communication skills
- Analytical thinking
- Problem solving and decision making
- Flexibility and adaptability
- Teamwork and cooperation
- Initiative
- Integrity
- Interpersonal skills
MINIMUM REQUIRED EDUCATION AND EXPERIENCE
- Bachelor’s Degree in Law, Computer Science, Audit or equivalent qualification from recognised tertiary institution.
- Experience or knowledge in Data Privacy Legislation (in particular GDPR).
- Experience or specialised training in Records and Information Management Systems.
- Certification in Information Security, Data Protection and/or Privacy Certification such as CIPP, CIPT, ISEB, etc. (preferred).
- Exposure to Legal training.
- Minimum three (3) years related work experience.
Applications accompanied by résumés should be submitted via email to This email address is being protected from spambots. You need JavaScript enabled to view it.
No later than Friday, July 10, 2026 to:
Director, Human Resource Management and Development
Ministry of Culture, Gender, Entertainment and Sport
4-6 Trafalgar Road
Kingston 5
We thank all applicants for their expressions of interest, however only short-listed candidates will be contacted.
Government of Jamaica