Data Protection Compliance Manager

The Malawi Communications Regulatory Authority (MACRA) is a statutory body established under the Communications Act (Cap. 68:01 of the Laws of Malawi) to regulate the country’s communications sector. Under the Communications Act of 2016, MACRA is mandated to regulate and monitor the provision of communications services and ensure that, as far as it is practicable, reliable and affordable communications services are provided throughout Malawi.

The Vision of MACRA Communication Services for a digitally transformed Nation. In order to fulfil its mandate effectively and efficiently with strategic leadership and management, an opportunity has arisen within MACRA to fill vacant positions. The positions are highly demanding and requires persons who have demonstrable capacity to initiate innovations geared at making MACRA a rejuvenated, vibrant and competitive Authority. The following are the details of the position:

JOB TITILE: Data Protection Compliance Manager
GRADE: MA 4
DIRECTORATE: Executive
LOCATION: Lilongwe
SUPERVISOR: Head of Data Protection Authority

JOB PURPOSE
The Data Protection Compliance Manager is responsible for ensuring that data controllers and processors comply with the provisions of the Data Protection Act. The role entails implementing registration processes, raising data protection awareness, conducting audits, and fostering collaboration with key stakeholders.

MAIN DUTIES OF THE JOB

1. Develop and implement a robust data protection compliance framework in line with legal and regulatory requirements.
2. Oversee the registration and maintenance of comprehensive register of data controllers and processors of significant importance.
3. Promote awareness and understanding of data protection regulations through training programs, workshops, and outreach initiatives for stakeholders and the public.
4. Coordinate and conduct compliance audits to assess adherence to data protection requirements and recommend corrective actions.
5. Collaborate and engage with stakeholders, including data subjects, data controllers/ Processors governmental institutions, private organizations, and civil society, to ensure alignment with data protection goals.
6. Develop guidelines and best practice documents for data protection compliance.
7. Provide expert advice to the Authority and stakeholders on compliance obligations and data protection matters.
8. Prepare reports on compliance-related activities and findings for submission to relevant authorities.
9. Support the development and implementation of data protection policies and procedures.
10. Establish and maintain processes for handling data protection impact assessments.
11. Monitor changes in data protection laws and regulations and implement necessary updates to the compliance program. xii. Any other duties as assigned from time to time.

REQUISITE QUALIFICATION AND EXPERIENCE
The desired candidate must possess the following qualifications and experience:

1. Masters Degree in Law, Computer Science, Information Communication Technology (ICT), or related field;
2. Advanced certification in data protection, privacy law, or information security (e.g., CIPP, CIPM, CIPT) is an added advantage;
3. A minimum of 5 years’ experience in data protection, compliance, or a related regulatory field.

SKILLS AND COMPETENCIES

1. Strong knowledge of data protection principles, privacy laws, and the Data Protection Act;
2. Demonstrated experience in stakeholder engagement and program implementation.
3. Proficiency in conducting audits and preparing compliance reports.

METHOD OF APPLICATION
Applicants are required to apply by filling out the form on the following link https://tinyurl.com/ye5pytpy. The application process requires you to fill out the form and upload copies of your certificates on the link provided on the form. Please ensure you have a good internet connection. The application process is estimated to take 29 minutes to complete. Please submit your application by end of the day of 25th July 2025. Only short-listed candidates will be acknowledged.