About this role
Are you an experienced legal and compliance professional with expertise in data privacy and governance? An exciting opportunity is available for a Data Protection Manager in Nairobi. This role is ideal for professionals passionate about data privacy, regulatory compliance, and governance frameworks.
The successful candidate will be responsible for establishing and maintaining the institution's data governance framework while ensuring compliance with applicable data protection laws and privacy regulations.
Job Overview
The Data Protection Manager will oversee the implementation of data privacy policies, ensure compliance with regulatory requirements, manage data protection risks, and promote a culture of privacy by design across the institution.
This position requires strong leadership, stakeholder management, and regulatory compliance expertise.
Job Details
Position: Data Protection Manager
Job Type: Full Time
Location: Nairobi, Kenya
Industry: Legal and Regulatory
Experience: Minimum 5 Years
Qualification: Bachelor's Degree in Law
Key Responsibilities
Leadership and Stakeholder Management
The successful candidate will:
Build and maintain effective relationships with regulatory authorities and key stakeholders.
Guide management and staff in responding to requests from regulators, data subjects, and other stakeholders.
Organize and facilitate staff training and awareness programs on data protection and privacy requirements.
Promote a culture of privacy by design and privacy by default throughout the institution.
Data Protection Compliance and Governance
Responsibilities include:
Acting as the primary contact for matters concerning data subjects and privacy rights.
Developing and maintaining comprehensive records of data processing activities across all operational units.
Ensuring data protection policies are accessible to employees, contractors, and third-party service providers.
Managing third-party data protection and privacy risks.
Monitoring compliance with applicable data protection legislation, policies, and regulatory requirements.
Conducting ongoing reviews to ensure data processing activities align with legal obligations.
Regulatory Monitoring and Legal Advisory
The Data Protection Manager will:
Monitor developments in data protection laws and related regulations.
Conduct legal research on emerging privacy and compliance issues.
Prepare updates and recommendations for senior management, governing bodies, and relevant committees.
Provide expert advice on privacy-related legal matters and compliance obligations.
Reporting and Incident Management
Key duties include:
Preparing regular reports on the organization's data protection compliance program.
Supporting legal leadership in developing compliance reports for management and governance bodies.
Assisting with data incident response and breach notification procedures.
Providing updates regarding statutory and regulatory compliance obligations.
Facilitating the preparation of ad-hoc reports and submissions required by regulatory authorities.
Internal Stakeholder Collaboration
The role requires close collaboration with:
University Council and governance committees.
Senior management teams.
Legal, risk management, and compliance departments.
Information Technology (ICT) teams.
Human Resources, Finance, Admissions, and Registrar offices.
Heads of Departments and operational units.
Qualifications and Experience
Applicants should possess the following:
Educational Qualifications
Bachelor's Degree in Law from a recognized institution.
Professional Experience
Candidates should have:
A minimum of five years of experience within a legal or compliance function with a strong focus on data protection and privacy.
Experience in developing organizational policies and compliance frameworks.
Experience reviewing and managing contracts involving third-party service providers.
Practical experience handling data incidents, breaches, and regulatory compliance matters.
Professional Certifications
Applicants must possess:
A recognized professional certification in Data Protection and/or Privacy.
Technical Knowledge and Expertise
The ideal candidate should demonstrate:
Sound working knowledge of the Kenya Data Protection Act, 2019, and related laws and regulations.
Strong understanding of data governance frameworks and privacy compliance programs.
Knowledge of data processing operations and information systems.
Understanding of institutional data protection requirements and risk management principles.
Required Skills and Competencies
Successful candidates should possess:
Leadership and Management Skills
Ability to work independently and lead organizational change initiatives.
Strong leadership and team management capabilities.
Experience engaging with senior management and board-level stakeholders.
Communication and Presentation Skills
Excellent written and verbal communication skills.
Strong presentation and stakeholder engagement abilities.
Ability to prepare and facilitate training programs as a subject matter expert.
Project and Organizational Skills
Strong project management and organizational skills.
Ability to manage multiple priorities and deadlines effectively.
Experience leading long-term strategic initiatives and implementing improvements.
Professional Attributes
The ideal candidate should demonstrate:
High attention to detail.
Strong ethical standards and discretion when handling confidential information.
Excellent analytical, planning, and research skills.
Commitment to continuous learning and professional development.
Why Apply for This Role?
This position offers an excellent opportunity for experienced legal and compliance professionals to lead data privacy initiatives within a dynamic institutional environment.
The role provides exposure to governance, regulatory compliance, risk management, and strategic leadership while contributing to the development of robust data protection practices.
Application Deadline
28 July 2026
