Data Protection & Information Security Analyst at Niajiri Platform LTD

--Powermax General Electrical Merchants Ltd--

Job Description

The Data Protection and Information Security Analyst supports both internal operations and customer-facing engagements in ensuring compliance with the Personal Data Protection Act (PDPA) 2022, maintaining information security controls in line with ISO 27001, and protecting the confidentiality, integrity, and availability of information assets.

The role involves monitoring, assessing, and improving data protection and information security practices across clients and within the organization. The Analyst will also manage incidents and conduct training and awareness initiatives to strengthen overall compliance and security posture. 

Job Industry

ICT / Computer, Data, Business Analysis and AI

Job Salary Currency

Job Salary Fixed

No

Key Deliverables

Data protection and privacy compliance

The Data Protection & Information Security Analyst will be responsible for supporting privacy and compliance activities, including:

  • Supporting the implementation and maintenance of the organization’s data protection framework.
  • Assisting in developing and maintaining the Record of Processing Activities (ROPA).
  • Conducting regular Data Protection Impact Assessments (DPIAs) and advising departments on mitigating privacy risks.
  • Reviewing data processing agreements and contracts to ensure compliance with PDPA 2022 requirements.
  • Assisting in responding to data subject access requests (DSARs) and managing privacy incidents or breaches.
  • Monitoring data transfer activities to ensure compliance with cross-border data flow restrictions.
  • Supporting the DPO in preparing periodic compliance and audit reports for management and regulators.

Information security operations

  • Implementing, monitoring, and continually improving information security controls under the Integrated Management System (IMS) aligned with ISO 9001:2015 and ISO/IEC 27001:2022 standards.
  • Conducting risk assessments and supporting the development of mitigation plans.
  • Participating in vulnerability assessments and coordinating with relevant teams for remediation.
  • Monitoring system logs, alerts, and incidents to detect and respond to security threats.
  • Supporting the development and maintenance of the Information Security Management System (ISMS) documentation.
  • Coordinating internal and client security awareness and training programmes.

Governance, policy and awareness

The Analyst will support governance and awareness initiatives through the following duties:

  • Developing and maintaining policies, procedures, and guidelines on data protection and information security.
  • Conducting awareness sessions for employees, customers, and third parties on privacy and cybersecurity best practices.
  • Collaborating with IT, Legal, HR, and other departments to embed data protection and security in daily operations.

Incident management and reporting

The role includes responsibilities related to incident response and reporting, such as:

  • Participating in incident response activities, including investigation, containment, and reporting.
  • Maintaining the incident register and assisting in preparing incident reports for the DPO and management.
  • Supporting business continuity and disaster recovery initiatives.

Essential Qualities

Essential Qualities
  • Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field.
  • Foundational knowledge of data protection, information security, or quality management systems.
  • Minimum of 3 years’ experience in information security, data protection, or a related field.
  • Familiarity with Tanzania’s PDPA 2022, GDPR, or similar privacy regulations.
  • Good understanding of documentation and record-keeping within a structured management system.

Preferred certifications

The following certifications would be an added advantage, but are not mandatory:

  • ISO/IEC 27001 Foundation, Implementer, or Auditor.
  • ISO 9001 Internal Auditor.
  • CompTIA Security+, CEH, or equivalent cybersecurity certification.
  • Data Protection or Privacy certification.
  • ISACA Certified Information Security Manager (CISM).
  • Certified Information Systems Auditor (CISA).

Skills required

  • Data and analytics skills.
  • Data organization and documentation.
  • Cross-functional collaboration.
  • Problem-solving skills.
  • Collaboration and teamwork.
  • Attention to detail and accuracy.
  • Organizational skills.
  • Communication skills.


Application Process

Close Date

15/07/2026