Job description
Closing date: 03/06/2026
Number of positions: 1
Recruiter name: Siva Krishna Bonda
Reference number: 70230
Mediclinic Corporate Office Dubai | Dubai | United Arab Emirates
MAIN PURPOSE OF JOB
To lead the implementation, monitoring, and continuous improvement of data privacy, protection, and regulatory compliance frameworks across Mediclinic Middle East, ensuring alignment with applicable UAE data protection laws, EU GDPR requirements, and organisational governance standards. The role fulfils the responsibilities of the Data Protection Officer (DPO) and provides strategic oversight, advisory support, and assurance to the business on privacy and compliance matters.
KEY RESPONSIBILITY AREAS
KEY RESPONSIBILITY AREAS
NO
DESCRIPTION
1
Privacy and Data Protection – Implement, monitor and ensure compliance with and governance of all aspects of privacy and data protection framework
2
Legal Compliance – Drive the regulatory compliance strategy and culture
3
Leadership – Provide oversight and assurance to the business
REQUIRED EDUCATION
ESSENTIAL EDUCATION
Bachelor’s Degree in Law, Information Technology, Computer Science, Commerce, Risk Management, Information Security, or a related field.
DESIRED EDUCATION
Professional certification in Data Privacy or Information Governance from recognised institutions such as IAPP (CIPP/E, CIPM), ISACA, ISO, or equivalent.
REQUIRED EXPERIENCE
ESSENTIAL MINIMUM EXPERIENCE
At least 5 years’ experience in Privacy and Data Protection within Legal, Compliance, Information Security, Risk Management, or Data Governance functions, with demonstrated experience in implementing and managing privacy compliance frameworks and data protection programmes.
DESIRED EXPERIENCE
At least 2 years’ experience in data protection and regulatory compliance within a complex corporate environment, including engagement with executive and senior stakeholders. Experience within the healthcare sector and/or GCC regulatory environment is highly advantageous.
Certification in compliance, information security, or risk management is also advantageous.
REQUIRED JOB SKILLS AND KNOWLEDGE - Data Privacy & Protection (POPIA, GDPR)
- Ability to manage often contradictory priorities of multiple stakeholders
- Cybersecurity architecture & compliance
- Business communication skills
- Data Analytics & Interpretation
- Cyber Security incident response planning and practices
All applicants will be considered, with the understanding that preference will be given to the designated groups in accordance with the United Arab Emirates Emiratization Program. If you wish to grow with us, apply now and become a part of the Mediclinic Middle East Family