Senior Manager: Data Privacy & Policy Compliance

Reference Number:
Senior Manager: Data Privacy & Policy Compliance
Johannesburg, South Africa
Organisation Name:
MTN Group
Group Risk & Compliance
MTN Level:
Level 3H

The Senior Manager: Data Privacy and Policy Compliance will be accountable to lead the development, implementation, and management of the monitoring and testing program to evaluate the effectiveness of compliance controls established to comply with applicable regulatory requirements relating to Cyber and Data Privacy.

MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates.  The Group’s Compliance function must therefore ensure the successful delivery of the transformation in context of:

  • Fluid regulatory landscape
  • Rapidly changing ICT environment
  • The geographic complexity of MTN’s foot print across Africa and the Middle East
  • Management of executive and local shareholder expectations across all 22 OpCos
  • Achievement of top quartile operating efficiency and effectiveness through scale and common policies and processes
  • Driving growth through business intelligence and standardization to maximize business impact
  • Management of customer and supplier expectations
  • Enhance MTN position as a leading network and system provider
  • Constant dynamics and local challenges in the economic, regulatory and legal environments

The Senior Manager: Data Privacy and Policy Compliance will be accountable to achieve the following objectives:

  • Monitor MTN Group’s Data and Privacy Compliance agenda and directives and assist first line management to implement the necessary compliance mechanisms
  • Coordinate and maintain MTN Group’s Data and Privacy Programme
  • Identify potential issues with current procedures that may impact risk, audit, regulatory and legal requirements
  • Stay abreast of, and understand domestic and international privacy laws
  • Draft and implement applicable privacy policies, procedures, and standards for MTN Group
  • Assist with drafting and implementing applicable legal, regulatory and governance related policies & procedures for MTN Group
  • Participate in the development of the Data and Privacy Compliance policy and ensure MTN’s compliance with regulatory requirements
  • Undertake investigations related to non-compliance, identify issues and seek to resolve problems in a timely manner, in line with regulatory requirements as defined by legislation or MTN policies
  • Assist in developing and communicating regulatory compliance policy within the various OpCos and evaluate the impacts
  • Create sound internal controls with business around privacy, legal, regulatory and governance
  • Conduct compliance testing of key controls as per policy
  • Monitor and report on the key controls’ compliance to best practice and processes within OpCo structures
  • Monitor and report on the Data and Privacy compliance best practice and processes within OpCo structures
  • Provide guidance to continuously enhance awareness and understanding of Data and Privacy compliance and policy issues, obligations, and requirements
  • Assess whether management is adequately trained on legislative requirements and appropriate compliance methodologies regarding cyber and data privacy. If not assist first line management to develop adequate training programs
  • Assist management to execute security awareness campaigns across key OpCos
  • Input into strategies for ensuring future compliance and mitigation of risk i.e. Material legislations, fines and reporting requirements for various regulators (also includes JSE)
  • Stay up to date on all relevant compliance and regulatory requirements within the Telecommunications Industry
  • Responsible for overall implementation and management of the Data and Privacy compliance testing program for MTN Group
  • Ensure adequate alignment to Group policies and procedures
  • Monitor the financial performance of the Data and Privacy unit versus budgets and ensure all activities are carried out in line with the approved guidelines while promptly reporting on any variances to GM: Compliance Monitoring and Testing
  • Manage Data and Privacy staff to ensure a high performing function
  • Identify staff training and development needs and implement necessary actions
  • Facilitate the setting up of the Group Privacy Office
  • Coordinate the development and deployment of the Group Privacy Programme
  • Implementation and monitoring of Data and Privacy Compliance framework to identify hidden risks or non-compliance issues
  • Risk mitigation through up-to-date Data and Privacy processes and procedures
  • Monitoring of compliance to privacy standards and monitoring key controls
  • Increased awareness of Data and Privacy regulations and legislation within Group and OpCos
  • Alignment of internal policies and procedures to industry regulations
  • Facilitation and maintenance of policies for privacy, legal, regulatory and governance

 Role Dependencies

  • Active support from the GM: Policy and Procedure
  • Deep understanding of the MTN business strategy
  • Understanding of the relevant legal environments
  • Timely decision making and reporting
  • Alignment of OpCo and Group risk and compliance initiative

Job Requirements


  • Minimum 4-year Academic Degree
  • Post graduate qualification (MBA/CA/Masters) advantageous
  • Fluent in English and language of country preferable


  • 7-10 years management experience or more; with at least 3 years in relevant sector / industry /area of specialisation (an understanding of emerging markets is advantageous)
  • Work across diverse cultures and geographies
  • Experience working in a medium to large organization


  • Strategy Implementer, Decisive problem Solver, Best Practice Creator
  • Culture and Change Champion, Guiding People Manager, Relationship Builder
  • Results Achiever, Operationally Astute