At BHP we support our people to grow, learn, develop their skills and reach their potential.
With a global portfolio of operations, we offer a diverse and inclusive environment with extraordinary career opportunities. Our strategy is to focus on creating a safe work environment where our employees feel strongly connected to our values and objectives, and where the capability of our people is key to our success.
Come and be a part of this success.The Chief Data Privacy Officer will lead the development of a sustainable and effective privacy and data protection program for BHP to drive compliance to global and local legislation and obligations and to build trust and confidence in how BHP manages and protects the personal data which it collects.
- Develop and lead the vision for BHP’s Privacy and Data Protection program through implementing and operating the privacy and data protection uplift program and development of BHP’s global Privacy and Data Protection office.
- Own BHP’s privacy and data protection governance structure including accountabilities, decision making forums and relevant policies.
- Establish and program manage a cross functional team, including Technology, Cyber, HR, legal, procurement, audit and other internal stakeholders to ensure privacy disciplines are uplifted and embedded across the organisation;
- Works with the relevant data owners, functions and assets to appropriately identify the relevant privacy risks and approach to manage the risks and ensure achievement of compliance obligations.
- Ensure BHP maintains appropriate privacy notification and consent materials.
- Manage and monitor the effectiveness of the global data protection and privacy framework to ensure compliance with relevant regulatory obligations, defining gaps in compliance requirements and drive ongoing improvement in data handling practices.
- Providing advice on matters related to data privacy including requirements definition, policies and procedures, risk and interpretation of regulation.
- Communicate BHP’s position on risk and compliance matters as it relates to privacy and data protection, identifying trends in privacy and regulatory requirements and compliance enforcement.
- Maintain BHP’s incident management framework where it relates to privacy data breaches including coordinating responses for incidents where it is determined as necessary.
- Liaise with regulatory and supervisory authorities where required; and to be the first point of contact for individuals whose data is processed.
- As a Risk Owner, be responsible and accountable to ensure that critical controls are managed so that the material risk is maintained in a well-controlled state, such that controls, processes and performance requirements evaluated are adequate, appropriate and effective to provide reasonable assurance that risks are being managed; and, business and functional effectiveness objectives met.
The successful candidate will have experience in privacy and information security programs including strategy, data privacy governance and mapping, change management, process control, incident management, reporting and training and awareness. You will have a strong program management background and a proven track record in delivering complex global privacy programs.
Knowledge of Australian privacy laws and expert experience in data privacy principals including GDPR will also be advantageous.
The ideal candidate will also hold one or more of the follow certifications: Certified Information Privacy Professional (CIPP), Certified General Data Protection Regulation Practitioner (GDPR-P), Certified Information Privacy Management (CIPM), Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information System Controls (CRISC) or Certified Information Systems Auditor (CISA).
At BHP, we recognise that we are strengthened by diversity. We are committed to providing a work environment in which everyone is included, treated fairly and with respect. We are an Equal Opportunity employer and we encourage applications from women and Indigenous people. We know there are many aspects of our employees’ lives that are important, and work is only one of these, so we offer benefits to enable your work to fit with your life. These benefits include flexible working options, a generous paid parental leave policy, other extended leave entitlements and parent rooms.