Description

COPEDU Plc

is a Public Limited Company licensed by the National Bank of Rwanda to operate as a Financial Institution registered in the Office of the Registrar General with Company Code:100544628, P.O Box.4053, Kigali. COPEDU Plc is a Deposit Taking Financial Institution operating in Rwanda offering Banking services as mandated under the Rwandan law.;The Data Protection Officer (DPO) is responsible for overseeing and ensuring that COPEDU PLC processes personal data in compliance with applicable data protection laws and regulations, including the protection of customer and business information. The role involves managing all aspects of data protection, ensuring confidentiality, integrity, and security of personal data across the organization.

Key Responsibilities

Key Responsibilities are:

• Develop, implement, and monitor COPEDU PLC’s data protection and privacy program to ensure compliance with applicable data protection laws and regulations
• Establish, review, and enforce data protection policies, procedures, and internal controls across the organization
• Conduct regular Data Protection Impact Assessments (DPIAs) and risk assessments to identify, evaluate, and mitigate risks associated with the processing of personal data
• Monitor organizational compliance with data protection requirements and recommend corrective actions to address identified gaps
• Serve as the primary point of contact for data protection matters, including engagement with regulatory authorities and responses to data subject inquiries
• Ensure the implementation and maintenance of appropriate technical and organizational security measures to safeguard personal data against unauthorized access, disclosure, alteration, loss, or destruction
• Maintain and regularly update records of processing activities in accordance with regulatory requirements
• Ensure that data subject rights, including access, rectification, erasure, restriction, objection, and data portability, are handled effectively and within legal timelines
• Monitor, investigate, document, and report personal data breaches, ensuring timely notification and response in compliance with applicable regulations

REQUIRED PROFILE AND QUALIFICATIONS

REQUIRED PROFILE AND QUALIFICATIONS

• Bachelor’s degree in Information Technology, cybersecurity, computer science, or a related field with a strong focus on data protection, privacy, risk management, legal compliance
• with at least 2 years of experience in data protection, privacy management, or compliance, preferably within the financial services or banking industry.
• Certifications such as CIPP, CISM, CISSP, or similar privacy and security certifications are value added.
• In-depth understanding of data protection laws and best practices for managing personal data securely.
• Ability to conduct data protection impact assessments and identify potential risks in data processing activities.
• Strong ability to communicate data protection issues clearly to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills
• Capability to address data protection challenges effectively and develop solutions to mitigate risks.
• Proven experience in educating and training staff in data protection and privacy best practices.

Application

All applications must include:

• A motivation letter
• A copy of the National ID
• A detailed Curriculum Vitae (CV)
• Copies of academic and professional certificates.
• Copies of certificates of rendered service.

How to apply

Candidates

are required to send their applications in One (1) pdf document through the email; hr-recruitment@copeduplc.rw not later than 05/06/2026. Only selected candidates will be contacted.