regional Data privacy lead, ameaMondelēz International
Workplace: MetroManila, Manila
Salary: Agreement
Work form: Full time
Posting Date: 08/11/2025
Deadline: 05/12/2020
Job Description
This position directs and oversees all data protection activities for Mondelēz International (MDLZ) in its AMEA region and informs, advices, and issues recommendations regarding Data Privacy regulatory compliance. DPO's primary concern is MDLZ' compliance with data privacy regulations in different AMEA countries. The position devises the policies and procedures that bring the organization into compliance with data protection regulations, foster a data protection culture within the organization and help to implement and maintain ongoing compliance on essential regulatory principles. The position monitors the implementation of those policies, ensures training, assigns responsibilities and handles requests regarding personal data from data subjects and regulators. The DPO keeps management informed regarding their obligations under the Regulation, and is the primary contact point for supervisory authorities
Key Accountabilities Include:
Senior role leading privacy compliance in AMEA. Partner with Regional Functions, e.g. HR, IBS and Marketing on Regional Privacy matters.
Manage and advise on privacy compliance for Regional/Global systems in AMEA.
Continuous training to embed a culture of data protection and privacy in MDLZ
Support MDLZ legal counsel in interactions with Government and Industry groups on general privacy issues in AMEA.
Work with authorities and lead investigations related to privacy breaches and reporting to regulators.
Reviewing and adapting breach and incident management response protocols to implement best practices or recommendations and lessons learned from post-incident reviews
1st escalation point for IBS-ES Privacy Team - handle advice, coordinate with BU Counsel/local DPOs.
1st escalation point for Regional Concentrix consumer privacy issues
Reviewing and revising policies as needed following assessments or audits, in response to a breach or complaint, new guidance, industry based best practices, or as a result of environmental scans- Ongoing owner of the AMEA Data Privacy program
Monitor compliance and report to management with metrics
Specific Responsibilities Include:
Advice MDLZ regarding:
o Whether or not to carry out a data protection impact assessment (DPIA),
o Ensure adequate methodology is in place to follow when carrying out a DPIA,
o Ensure proper preservation of DPIA and follow up on relevant issues
o What safeguards (including technical and organizational measures) to apply to mitigate any risks to the rights and interests of the data subjects,
o Whether or not the DPIA has been correctly carried out and whether its conclusions (whether or not to go ahead with the processing and what security controls to apply) are in compliance with the respective regulatory requirements
Notification / Registration
o Notifying the relevant DPA of the company's data processing activities
o Keeping notifications updated from time to time
o Making any necessary filings in relation to international data transfers with the Data Protection Authority
Identify, understand, and maintain the record of processing operations under the responsibility of MDLZ as one of the tools enabling compliance monitoring, informing and advising MDLZ;
Document all decisions taken consistent with and contrary to DPO's advice;
Ensures data mapping documents and related systems are periodically updated;
Offers consultation once incident has occurred
Managing data controllers and data processors
o Monitor the activities of data controllers
o Manage data processors on behalf of the company (including outsourcing of data processing activities)
Will have additional activities in regards to data protection and information risk management
DPOs would be supported be In-country counsels, whose responsibilities would include
-Supporting regional DPO where local input is required in privacy matters.
-Being the local contact for local privacy regulators/Authorities
-Ensuring coverage from a local language standpoint
-Ensuring that local issues (e.g. language) are addressed sufficiently
Career Experience required for this Role:
5+ years of experience as DPO or data protection professional, in Audit/Information Security, Legal or another related function
Bachelor's degree.
Relevant data protection certifications preferred (e.g. IAPP CIPP/A and CIPM)
In-depth understanding of the privacy regulations and Data Protection techniques and strategies
Sound knowledge of information security standards and technology
Knowledge of the CPG or manufacturing industry
International experience managing complex initiatives and projects
Multilingual (English mandatory)
Proven interpersonal skills: two-way communication skills (oral and written), ability to build relationships, influence others without authority, work with a diverse internal stakeholder base.
Ability to handle multiple demands, shifting priorities, and ambiguous situations.
Strong project management and planning skills; balances strategic priorities with tactical execution priorities
Ability to develop diverse positive relationships both internally (with various functions) and externally (supervisory authorities, data protection authorities, data subjects, etc.)
Ability to work independently
Strong business acumen
Proactive, pragmatic, leader
Ability to understand data protection risks and articulate these risks in easy-to-understand business language which accurately shows the true degree of business of risk and impact
No Relocation support available, however for candidates voluntarily moving internationally some minimal support is offered through our Volunteer International Transfer Policy
Business Unit Summary
Headquartered in Singapore, Mondelēz International's Asia, Middle East and Africa (AMEA) region is comprised of six business units, has more than 21,000 employees and operates in more than 27 countries including Australia, China, Indonesia, Ghana, India, Japan, Malaysia, New Zealand, Nigeria, Philippines, Saudi Arabia, South Africa, Thailand, United Arab Emirates and Vietnam. Seventy-six nationalities work across a network of more than 35 manufacturing plants, three global research and development technical centers and in offices stretching from Auckland, New Zealand to Casablanca, Morocco. Mondelēz International in the AMEA region is the proud maker of global and local iconic brands such as Oreo and belVita biscuits, Kinh Do mooncakes, Cadbury, Cadbury Dairy Milk and Milka chocolate, Halls candy, Stride gum, Tang powdered beverage and Philadelphia cheese. We are also proud to be named a Top Employer in many of our markets.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Business Integrity & Security Governance
Legal
Mondelēz International
This position directs and oversees all data protection activities for Mondelēz International (MDLZ) in its AMEA region and informs, advices, and issues recommendations regarding Data Privacy regulatory compliance. DPO's primary concern is MDLZ' compliance with data privacy regulations in different AMEA countries. The position devises the policies and procedures that bring the organization into compliance with data protection regulations, foster a data protection culture within the organization and help to implement and maintain ongoing compliance on essential regulatory principles. The position monitors the implementation of those policies, ensures training, assigns responsibilities and handles requests regarding personal data from data subjects and regulators. The DPO keeps management informed regarding their obligations under the Regulation, and is the primary contact point for supervisory authorities
Key Accountabilities Include:
Senior role leading privacy compliance in AMEA. Partner with Regional Functions, e.g. HR, IBS and Marketing on Regional Privacy matters.
Manage and advise on privacy compliance for Regional/Global systems in AMEA.
Continuous training to embed a culture of data protection and privacy in MDLZ
Support MDLZ legal counsel in interactions with Government and Industry groups on general privacy issues in AMEA.
Work with authorities and lead investigations related to privacy breaches and reporting to regulators.
Reviewing and adapting breach and incident management response protocols to implement best practices or recommendations and lessons learned from post-incident reviews
1st escalation point for IBS-ES Privacy Team - handle advice, coordinate with BU Counsel/local DPOs.
1st escalation point for Regional Concentrix consumer privacy issues
Reviewing and revising policies as needed following assessments or audits, in response to a breach or complaint, new guidance, industry based best practices, or as a result of environmental scans- Ongoing owner of the AMEA Data Privacy program
Monitor compliance and report to management with metrics
Specific Responsibilities Include:
Advice MDLZ regarding:
o Whether or not to carry out a data protection impact assessment (DPIA),
o Ensure adequate methodology is in place to follow when carrying out a DPIA,
o Ensure proper preservation of DPIA and follow up on relevant issues
o What safeguards (including technical and organizational measures) to apply to mitigate any risks to the rights and interests of the data subjects,
o Whether or not the DPIA has been correctly carried out and whether its conclusions (whether or not to go ahead with the processing and what security controls to apply) are in compliance with the respective regulatory requirements
Notification / Registration
o Notifying the relevant DPA of the company's data processing activities
o Keeping notifications updated from time to time
o Making any necessary filings in relation to international data transfers with the Data Protection Authority
Identify, understand, and maintain the record of processing operations under the responsibility of MDLZ as one of the tools enabling compliance monitoring, informing and advising MDLZ;
Document all decisions taken consistent with and contrary to DPO's advice;
Ensures data mapping documents and related systems are periodically updated;
Offers consultation once incident has occurred
Managing data controllers and data processors
o Monitor the activities of data controllers
o Manage data processors on behalf of the company (including outsourcing of data processing activities)
Will have additional activities in regards to data protection and information risk management
DPOs would be supported be In-country counsels, whose responsibilities would include
-Supporting regional DPO where local input is required in privacy matters.
-Being the local contact for local privacy regulators/Authorities
-Ensuring coverage from a local language standpoint
-Ensuring that local issues (e.g. language) are addressed sufficiently
Career Experience required for this Role:
5+ years of experience as DPO or data protection professional, in Audit/Information Security, Legal or another related function
Bachelor's degree.
Relevant data protection certifications preferred (e.g. IAPP CIPP/A and CIPM)
In-depth understanding of the privacy regulations and Data Protection techniques and strategies
Sound knowledge of information security standards and technology
Knowledge of the CPG or manufacturing industry
International experience managing complex initiatives and projects
Multilingual (English mandatory)
Proven interpersonal skills: two-way communication skills (oral and written), ability to build relationships, influence others without authority, work with a diverse internal stakeholder base.
Ability to handle multiple demands, shifting priorities, and ambiguous situations.
Strong project management and planning skills; balances strategic priorities with tactical execution priorities
Ability to develop diverse positive relationships both internally (with various functions) and externally (supervisory authorities, data protection authorities, data subjects, etc.)
Ability to work independently
Strong business acumen
Proactive, pragmatic, leader
Ability to understand data protection risks and articulate these risks in easy-to-understand business language which accurately shows the true degree of business of risk and impact
No Relocation support available, however for candidates voluntarily moving internationally some minimal support is offered through our Volunteer International Transfer Policy
Business Unit Summary
Headquartered in Singapore, Mondelēz International's Asia, Middle East and Africa (AMEA) region is comprised of six business units, has more than 21,000 employees and operates in more than 27 countries including Australia, China, Indonesia, Ghana, India, Japan, Malaysia, New Zealand, Nigeria, Philippines, Saudi Arabia, South Africa, Thailand, United Arab Emirates and Vietnam. Seventy-six nationalities work across a network of more than 35 manufacturing plants, three global research and development technical centers and in offices stretching from Auckland, New Zealand to Casablanca, Morocco. Mondelēz International in the AMEA region is the proud maker of global and local iconic brands such as Oreo and belVita biscuits, Kinh Do mooncakes, Cadbury, Cadbury Dairy Milk and Milka chocolate, Halls candy, Stride gum, Tang powdered beverage and Philadelphia cheese. We are also proud to be named a Top Employer in many of our markets.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Business Integrity & Security Governance
Legal
Mondelēz International
Other Info
Paranaque City, Metro Manila
Permanent
Full-time
Permanent
Full-time
Submit profile
Mondelēz International
About the company
Position regional Data privacy lead, amea recruited by the company Mondelēz International at MetroManila, Manila, Joboko automatically collects the salary of , finds more jobs on Regional Data Privacy Lead, AMEA or Mondelēz International company in the links above