Data Privacy & Protection Officer

Who We Are

Moniepoint is Africa’s all-in-one financial ecosystem, empowering businesses and their customers with seamless payment, banking, credit, and management tools. In 2023, we processed $182 billion and are Nigeria’s largest merchant acquirer. We are on a mission to create financial happiness for everyone, everywhere.

What We Do

At Moniepoint, we are a customer-focused community dedicated to crafting solutions that redefine our industry. We leverage artificial intelligence and data-driven best practices to support our businesses, from providing credit and overdrafts to ensuring every transaction is secure.

Curious about what makes Moniepoint an incredible place to work? Check out our stories on how we cultivate a culture of innovation, teamwork, and growth.

About the role

The Data Privacy & Protection Officer will support the Compliance Team in implementing and maintaining TeamApt’s Data Protection framework in compliance with the Nigeria Data Protection Act (NDPA) 2023, GAID, and other relevant Data Privacy regulations. The role provides day-to-day oversight in monitoring Data Processing activities, handling customer privacy rights requests, conducting awareness training, and supporting privacy risk management across TeamApt’s operations.

What you’ll get to do

Compliance & Governance

• Responsible for developing, implementing, and monitoring adherence to Data Privacy policies, procedures, and controls, including NDPA 2023, CBN regulations, and NDPC directives

• Ensures that all obligations are met with respect to lawful processing, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

• Maintain and regularly update the Record of Processing Activities (RoPA) and oversee the NDPC Data Protection Compliance Audit.

Data Subject Rights & Requests Management

• Coordinate and ensure timely, compliant responses to all Data Subject Access Requests (DSARs) and other individual rights requests.

• Manage data subject rights requests- including access, rectification, erasure, restriction, objection, and portability within statutory timelines.

• Develop and enforce the organisation's Data Protection Policy, Privacy Notice, Cookie Policy, Retention Policy, and all supporting privacy documentation.

Data Protection Impact Assessments (DPIA) & Risk Management

• Conduct and review DPIAs for new products, systems, and vendors.

• Facilitate the identification and mitigation of Data Protection/Privacy risks and ensure technical measures are in place in collaboration with IT and Risk teams.

Training, Awareness & Capacity Building

• Execute privacy awareness campaigns and training across departments, including developing and maintaining learning materials.

• Monitor and interpret changes in Nigerian and International Data Protection laws

Third-Party Management

• Oversee third-party data processor due diligence, ensure Data Processing Agreements (DPAs) are in place with all vendors and partners, and manage ongoing compliance of processor relationships.

• Maintain the Vendor Data Processing Register and support contract reviews for privacy clauses.

Incident Management & Reporting

• Manage data breaches, maintain incident Registers and participate in post-incident reviews.

• Manage data breach response (documentation, investigation, regulatory reporting to NDPC within statutory timelines).

• Ensure personal data elements are adequately protected within the organisation's security architecture, including encryption at rest and in transit, access controls, tokenisation of sensitive payment data, and audit logging

• Provide data protection oversight for the organisation's Business Continuity Planning (BCP) and Disaster Recovery (DR) programmes, ensuring personal data recoverability and minimised data loss objectives

Regulatory Engagement

• Prepare reports, documentation, and responses for the NDPC, and other regulators, also coordinate responses to NDPC’s notices, directives, and audits.

• Serve as a representative in all regulatory engagements with the NDPC, NITDA, NCC and other data-related matters.

• Manage and maintain all associated registrations, filings, renewals, and regulatory correspondence.

To succeed in this role, you should have experience in

• Excellent understanding of Data Privacy principles, risk management, and control frameworks.

• Familiarity with Data governance, Data lifecycle management, and financial customer data handling.

• High ethical standards and attention to detail.

• Ability to work collaboratively with cross-functional teams.

• Strong organizational and documentation skills.

• Tech savvy and familiarity with Data Governance software.

• Strong communication and report-writing skills.

• Analytical thinking and ability to spot compliance risks.

• Ability to work under supervision while taking initiative on assigned tasks.

Eligibility:

• Bachelor’s degree in Law, Information Technology, Computer Science, or related field.

• Minimum of 7–10 years of experience in Data Protection, IT GRC, Compliance, or Cybersecurity, preferably within financial services or regulated institutions.

• Professional certification like CIPP/E, CDPO or CIPM from accredited issuing bodies.

• Sound knowledge of the Nigeria Data Protection Act (NDPA 2023), NDPC Regulations, CBN IT Standards, and global Data Protection frameworks (e.g., GDPR).

• Strong analytical, communication, and stakeholder management skills

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.

• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.

• Compensation - You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.

What to expect in the hiring process

• A preliminary phone call with the recruiter

• A technical interview with the Hiring Manager

• A behavioural and technical interview with a member of the Executive team.

Moniepoint Inc is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.