Group Data Protection Manager

The Maples Group is a standard bearer in financial and legal services, trusted by many of the world’s largest hedge fund managers, private equity firms and international corporations. Our distinction flows from our carefully curated team: 2,500+ professionals characterised by tenacity, ethics, and exacting excellence. Operating in key financial centres across the Americas, Asia, Europe and the Middle East, our international presence offers a unique springboard for career development and cross-cultural immersion. Our side-by-side financial and legal services are similarly ripe for interdisciplinary learning and growth.

We are committed to diversity, inclusion, and equality of opportunity as we attract, retain, and develop world-class talent.

About the Role

The GDPM will act as subject matter expert of all things concerning Cayman Data Protection Act, EU GDPR, and other like privacy/data protection laws globally. Specifically, the GDPM will support the Group Data Protection Team in assisting or taking the lead in:

• Monitoring and maintaining up-to-date knowledge of legal and regulatory developments relating to Data Protection Laws in the Maples Group’s operating jurisdictions and other relevant jurisdictions.
• Advising the Maples Group on the interpretation and application of Data Protection Laws in relation to the Maples Group's day-to-day business operation in general.
• Review, drafting, and negotiation of data protection provisions in contracts the Maples Group enter into with clients, vendors, employees, etc.
• Due diligence clients conduct on the Maples Group in relation to the handling of personal data by the Maples Group, or due diligence the Maples Group conduct on external vendors in relation to the handling of personal data by external vendors.
• Containment, mitigation, regulatory notification, and handling of response to personal data breaches in general.
• Identification, assignment, and handling of data subject requests in general.
• Designing, implementing, and maintaining policies, procedures, awareness-raising, training, and other forms of controls required to ensure the Maples Group’s compliance with Data Protection Laws (“Privacy Controls”).
• Assisting the Chief Risk Officer in performing his role under the Maples Group Data Protection Policy in relation to the management of privacy/data protection related risks.
• Advising and assisting the other control functions such as Information Security, Compliance, Risk, Legal, and Internal Audit in relation to the design, implementation, and maintenance of controls that double as or supplement Privacy Controls.
• Acting as statutory ‘data protection officer’ or ‘privacy officer’ for the purposes of Data Protection Laws where required, and assisting or supervising others who act as data protection officers or privacy officers.
• Liaising with regulators, external auditors, clients, vendors, and other like external stakeholders as and when required in relation to matters relating to the Maples Group’s compliance with Data Protection Laws.
• Keeping the senior management and other relevant internal stakeholders informed of material issues relating to the Maples Group's handling of personal data and compliance with Data Protection Laws.
• Performing such other appropriate duties as may be reasonably requested from time to time by the Group General Counsel, Chief Risk Officer, Chief Compliance Officer, Chief Information Security Officer, or other relevant representatives of the Maples Group, particularly in relation to professional secrecy, information security, records management, data governance, and other like domains that are closely related to privacy/data protection.

What You Bring

In addition to indisputably high ethical standards and autonomy, the ideal candidate possesses the following:

• A self-starter who is comfortable operating on an individual level, whilst also having the ability to work with the wider team to support the strategic vision and direction.
• A minimum of 5 years experience of advising on data protection issues (including some experience of negotiating commercial contracts) within the financial services and/or legal sector.
• The individual must have a thorough understanding of GDPR, including its implementation, across European jurisdictions (i.e. Ireland, Jersey, Luxembourg, Netherlands, UK, etc.). They must also have familiarity with privacy/data protection laws applicable to non-European operating jurisdictions (e.g. Canada, Cayman Islands, Hong Kong, Singapore, USA, etc.).
• The individual must be capable of making risk-based decisions on sensitive and time critical issues. They must be able to work effectively with stakeholders from across the entire organisation covering multiple jurisdictions.
• Individuals who are IAPP Certified (e.g. CIPP/E, CIPP/US, CIPM) are preferred.

Benefits & Rewards

The most enduring professional relationships are reciprocal relationships. The Maples Group prioritises employee health and wellbeing. Depending on your location, we offer a range of benefits, including:

• Comprehensive health coverage (medical, dental, and optical).
• Competitive vacation packages.
• Educational assistance and professional development programmes.
• Savings or pension plan.
• Life insurance.
• Travel insurance.
• Global mental wellness programme.
• Sports clubs and social events.