We are looking for a Data Protection Specialist to join the Legal department of ER Management Services Limited, providing support across the ER Group. The Data Protection Specialist will report to the the Group's Data Protection Officer (DPO) and will provide guidance on data protection matters, support compliance with applicable legal and regulatory requirements, and assist the Group DPO in the execution of key responsibilities.

• Provide legal advice on data protection laws and regulations applicable to the Group’s activities. under the guidance of the Group DPO.
• Interpret and apply data protection requirements in day-to-day operations
• Monitor compliance and implement data protection frameworks
• Contribute to the development and maintenance of policies, procedures, and registers
• Lead the implementation and continuous improvement of the Group’s data protection compliance programme
• Conduct risk assessments and identify compliance gaps.
• Act as a key point of contact for data protection queries within the Group.
• Develop and deliver training sessions on data protection and digital legal topics.
• Draft, review, and negotiate contracts involving personal data (e.g., data processing agreements, service agreements).
• Support the Group DPO in the handling of personal data breaches (including but not limited to legal assessment and response, managing data subject rights)
• Provide legal input on digital and data-related projects.

• Minimum 2 years of experience in data protection, cybersecurity, compliance, or related field (legal background is a plus, not required)
• Practical knowledge of data protection frameworks, including GDPR, CCPA, and the Mauritius Data Protection Act
• Strong understanding of data governance, risk management, and privacy-by-design principles
• Understanding of contract and commercial law (particularly as it relates to data protection)
• Experience in data protection advisory, compliance operations, cybersecurity, or in-house roles
• Excellent analytical, communication, and stakeholder management skills
• Ability to simplify complex regulations and provide practical, business-oriented advice
• Comfortable advising and collaborating with technical teams, compliance functions, and business stakeholders
• Skilled in assessing and mitigating privacy and data security risks
• Proactive, organised, detail-oriented, and solution-oriented with sound judgment and strong interpersonal skills.

Nice-to-have:

• Legal or compliance background
• Experience in legal advisory or privacy impact assessments
• Data incident response or cybersecurity operations experience
• DPO certification or relevant professional qualifications