Share this Job
Apply now

Apply for Job

Head of Regulatory Division - Data Protection

Sector:  NEOM Authority
Division:  NEOM Infrastructure

Position: Head of Regulatory Division - Data Protection

Reports to: Head of NEOM Data Protection Administrator (the Information Commissioner)

Sector: NEOM Authority - Policy and Regulations 
Job Location: Sharma, KSA


Role Purpose: 

The Head of Regulatory Division will support the DPA in being a front-runner in the regulatory field of data protection, becoming the world’s most forward-looking, digitalised, and efficient DPA. In line with this vision, the Head of the Regulatory Division should be effective, explore and leverage the world’s most advanced processes, be ready to address upcoming privacy challenges tied with connected devices, AI and 5G. They will have a strong vision on how to protect individuals’ right to data protection while also standing for a relevant and operational definition of businesses’ legitimate interest to process personal data.


To invest in the DPA’s future success and enable a world-leading reputation, NEOM is looking for an outstanding individual, with a strong desire to play an active role to keep the DPA at the forefront of global regulatory best practice and innovation in business development. The Head of Division will use their experience in order to develop and champion the unique and innovative features of NEOMs Data Protection Regulation. This will ensure international recognition of NEOMs Data Protection regime as breaking new ground in balancing the protection of personal data whilst providing for innovation and appropriate use of data.


To achieve this ambitious roadmap, the Head of the Regulatory Division will be required to:

  • Provide executive leadership and strategic direction for the NEOM Data Protection Authority (the DPA) with regards to data protection guidance at large (including prior authorizations, codes of conduct approval, lawfulness of processing, assessment of controllers’ legitimate interests),
  • Drive regulatory governance and develop a strong reputation as an enabler of innovation and front-runner on data protection and cognitive city innovations,
  • Be ultimately accountable for all Regulatory responsibilities, powers and tasks conferred to the DPA by the NEOM Data Protection Law.



The Head of Division provides executive leadership and strategic direction for the Regulatory Division of NEOM Data Protection Authority (the DPA) and is ultimately accountable for all responsibilities, powers and tasks conferred to this Division by the NEOM Data Protection Legislation.

Within the DPA, the Head of Division helps making decisions on the issues of strategic importance regarding the application of the Regulation, as well as development of the DPA’s regulatory responses to technical innovations.

Considering the strategic value of data and the opportunities that lie in responsible data use, the Head of Division also engages with innovators, entrepreneurs and their representatives in order to drive growth across the NEOM economy.

Key Accountabilities

  • Proactively set the regulatory strategy of the DPA and coordinate its development with other DPAs’ Divisions
  • Coordinate the development of processes, tools and templates to help ensure compliance with NEOM data protection laws and regulations.
  • Define procedures and guidelines that will avoid undue regulatory uncertainty or risk, in order to foster growth across the NEOM economy
  • Support the Administrator in representing NEOM’s long term vision of international regulatory leadership
  • Coordinate the Regulatory Sub-unit’s work and its professionals
  • Create and facilitate advisory committees and bodies for specific Regulation topics (such as sensitive data)
  • Help develop regulatory sandboxes, policy prototyping and other co-regulatory tools as needed
  • Support international relations with other regulators’ Head of Regulatory and participate/contribute to international exchanges on upcoming or innovative regulatory tools
  • Connect with the operations of the other 4 sub-departments:
    • Strategy, Policy, and Operations
    • Technology & Innovation
    • Outreach
    • Enforcement
  • Summarise actions taken to address and anticipate next gen regulatory needs in annual public reports




Knowledge, Skills and Experience:

This is a high-profile and demanding role. As such, the Head of the Regulatory Division must have the knowledge, experience and skills appropriate to the seniority and responsibilities of the role, including:

  • Strong legal acumen and their application in relation to high-risk processing,
  • Preferred Certifications related to Data Privacy, Governance, Risk management and Compliance (e.g., CIPM, CIPP/E/US/A),
  • Preferred experience in developing regulatory, governance, risk management and compliance requirements in the field of international data protection law, e.g., at national governmental level within a supervisory authority or in the commercial sector
  • Experience working at the highest level of Data Protection/Privacy law & Regulatory challenges, policy and innovation within the EU, US, Asian, Canada, Australian or other jurisdictions with significant Data Protection/Privacy history
  • Extensive experience with operationalising regulatory requirements taking a practical approach, with the ability to consider various stakeholder interests,
  • Demonstrated experience in delivering and managing innovative regulatory projects, performing analyses and developing recommendations, with the ability to translate and communicate well with internal and external stakeholders,
  • Successful track record of credible and strategic leadership and management skills, building and maintaining effective and efficient legal teams
  • Solid experience and understanding of building trusted relationships with relevant stakeholders from private and public sectors alike
  • Ability to support the DPA in making sound, independent judgements and decisions under pressure and, where necessary, defend these against internal and external challenges
  • Strong management skills, including the ability to help different teams delivering under tight deadline


Qualifications and Experience.

  • Master’s degree in Law, Public Administration and Policy, or relevant education,
  • Solid project management experience, including 7+ years’ experience in a manager role,
  • Deep expertise on current and emerging data protection processes, procedures, and tools, notably at an international level, e.g., in data transfers, data protection impact assessments, CCTV, AI, biometric technologies, online tracking, surveillance technologies and privacy enhancing technologies,


  • Free Accommodation.
  • Free Laundry and housekeeping.
  • Free transportation.
  • 2 flights per month domestic round trip.
  • 1 Annual Travel Allowance.
  • Relocation Flight.
  • Free Meals ( breakfast, lunch, dinner ).
  • Schooling - 60K SAR per child up to 3 children.
  • Bonus 20-30% annual (performance based).
  • Savings Plan ( Long-term incentive plan ).
  • Medical insurance ( VVIP health coverage), for Employee, Family & Parents.
  • Annual Leave 30 working days annual.
  • Remote Working 24 working days annual.


Apply now

Apply for Job