Data Governance & Privacy

A leading property and hospitality group in Jakarta is seeking a highly knowledgeable Data Governance and Privacy to establish and lead a new, enterprise-wide function at the senior manager level.

Data Governance and Privacy

Salary: Competitive and based on experience

Location: Jakarta

Keywords: Data governance, Privacy compliance, Regulatory expertise, Data quality management, Enterprise data architecture, Stakeholder collaboration, Leadership, Data protection officer, Cross-functional influence, Strategic data management

This pivotal role will transform how personal and organisational data is managed, protected, and leveraged across 19+ entities, ensuring full compliance with Indonesia’s Personal Data Protection Law (UU PDP) while building a foundation for strategic decision-making and operational excellence. As the designated Data Protection Officer (DPO), you will be empowered to shape policy, drive cultural change, and collaborate closely with executive leadership, IT, Legal, Audit, and business units. You will have the authority to influence at Board level, present directly to the CEO or Director of Finance & Corporate Strategy, and build a team that supports both immediate regulatory needs and long-term data maturity. This is an exceptional opportunity for someone who thrives on responsibility, values cross-functional teamwork, and wants to make a lasting impact on how data is valued as an organisational asset.

• • Take ownership of a newly created senior position that combines legal compliance with strategic data management across all business units in property and hospitality.
• • Enjoy direct access to executive leadership and Board-level visibility while shaping the organisation’s approach to privacy, data quality, architecture, and governance.
• • Be supported by a collaborative environment with opportunities for professional development, cross-functional teamwork, and the chance to build your own high-performing team from the ground up.

What you'll do:

As Data Governance and Privacy you will play a central role in transforming how this organisation manages its most valuable asset: information. Your day-to-day work will span regulatory compliance as DPO under UU PDP; designing frameworks that clarify who owns what data; setting standards for quality; overseeing architectural decisions; responding swiftly to incidents; collaborating with IT, Legal, Audit, Operations; mentoring your team; influencing stakeholders without direct authority; presenting findings at Board level; liaising with regulators; managing external vendors; driving cultural change through training initiatives; and reporting progress against measurable KPIs. Success in this role means not only meeting legal requirements but also embedding best practice so that every guest experience, tenant relationship, employee record or investor interaction is underpinned by trusted data.

• Act as the designated Data Protection Officer under UU No. 27/2022, ensuring all statutory obligations are met across multiple entities handling sensitive personal information.
• Develop and maintain comprehensive privacy policies, consent frameworks, and Records of Processing Activities (ROPA) that align with both local regulations and international best practices.
• Lead incident response protocols for data breaches—including containment, root cause analysis, regulator notification within prescribed timelines—and ensure robust remediation plans are in place.
• Design and implement an enterprise-wide Data Governance Framework that defines clear roles for data ownership, stewardship, classification, access controls, and accountability.
• Chair the Data Governance Council by convening business unit heads quarterly to align on priorities, resolve issues collaboratively, and foster a culture of shared responsibility for data assets.
• Establish rigorous data quality standards—accuracy, completeness, consistency—and oversee regular assessments with actionable improvement plans involving IT and system owners.
• Define target state enterprise data architecture (data warehouse/lake/hybrid), govern integration patterns across core systems (ERP/PMS/HRIS/CRM), and maintain authoritative data lineage maps.
• Oversee a small but growing team including a Data Engineer and Data Quality Analyst; provide matrix leadership to designated Data Stewards embedded in each business unit.
• Drive adoption of modern data tools suitable for scale; set standards for ingestion, transformation, storage security (encryption/audit logging), and monitor infrastructure performance.
• Champion training programmes that raise organisational awareness around privacy rights, responsible handling of personal information, and the importance of high-quality data.

What you bring:

Your background will demonstrate deep expertise in both regulatory compliance (especially UU PDP/GDPR) and practical implementation of enterprise-wide frameworks that improve how organisations collect, protect and use personal information. You bring strong analytical thinking combined with empathy for end users—balancing legal obligations with operational realities. Your communication style is clear yet persuasive; you thrive when working collaboratively across functions; you are comfortable navigating ambiguity; you can interpret complex regulations into actionable policy without over-reliance on external counsel. Experience in property/hospitality/financial services is especially valued due to the volume/sensitivity of PII handled. You are committed to continuous learning—whether through formal certification or hands-on project delivery—and you enjoy mentoring others as much as delivering results yourself.

• Minimum S1 degree in Computer Science, Information Systems, Statistics, Mathematics or Law (with technology exposure); S2 or relevant postgraduate qualification strongly preferred.
• At least 8 years’ total experience—with 10-12 years ideal—in data governance or privacy roles within property/hospitality/financial services/retail or other consumer-facing sectors handling large-scale PII.
• Direct hands-on experience as DPO or equivalent privacy officer for at least 3-5 years including operationalising GDPR/UU PDP/comparable frameworks in complex organisations.
• Proven ability to design scalable enterprise data architectures (data models/integration patterns/platforms) supporting multi-entity environments.
• Demonstrated success building or evolving a comprehensive data governance framework from scratch using DAMA DMBOK principles or similar methodologies.
• Familiarity with Indonesian regulatory landscape (OJK/BI) as well as international cross-border transfer requirements affecting hospitality guests/business partners.
• Experience leading small teams or cross-functional initiatives—comfortable presenting to C-suite/Board level audiences on risk posture/data strategy/progress metrics.
• Professional certifications such as CDMP (DAMA International), CIPM/CIPP/A (IAPP), TOGAF/DAMA-DMBOK or cloud platform credentials (AWS/GCP/Azure) are highly desirable but not mandatory.
• Excellent stakeholder engagement skills—able to influence peers/executives without direct authority while fostering trust-based relationships across IT/Legal/Audit/Operations.
• Track record of driving cultural change around data literacy/privacy awareness through training programmes or advocacy.

What sets this company apart:

This organisation stands out as one of Jakarta’s most respected names in property development and hospitality management—operating across commercial real estate portfolios as well as premium hotels serving both domestic clients and international guests. The company has made a strategic commitment to treating personal information not just as a compliance requirement but as an asset that drives better service delivery for tenants/investors/employees alike. By investing in this new function at senior manager level—with direct access to executive leadership—they are signalling their intent to lead the market on privacy protection while unlocking value from trusted data. You will benefit from generous support for professional development (including annual budgets for certifications/conferences), transparent performance incentives linked to meaningful milestones (not just financial targets), comprehensive health/social security coverage (BPJS), positional allowances appropriate for your grade—and above all—a culture where your expertise is respected at every level from Boardroom to front-line operations. If you want your work to matter—to shape policy today while building capability for tomorrow—this is your platform.

What's next:

If you are ready to take ownership of Jakarta’s most influential new role in data governance and privacy—and help shape the future of responsible information management—we encourage you to apply now!

Apply today by clicking on the link provided. Your journey towards making a lasting impact starts here.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.