Data Protection & Legal Compliance Officer

ICEA Lion Group, one of East Africa's leading insurance and financial services conglomerates, is seeking a detail-oriented and proactive Data Protection & Legal Compliance Officer to join its Legal and Compliance team in Nairobi. This role sits at the intersection of data privacy law and corporate legal practice, offering a unique opportunity to contribute to the governance and regulatory compliance framework of a multi-subsidiary financial institution.

Reporting to the Data Protection Officer (DPO) and the Legal team, the successful candidate will support the Group's adherence to Kenya's Data Protection Act, sector-specific regulations, and contractual obligations across the business. If you are a qualified advocate with a passion for data privacy and corporate law, this role provides the ideal platform to build a distinguished legal compliance career.

• Maintain and continuously update the Records of Processing Activities (RoPA) register to reflect current data processing operations across all subsidiaries.
• Support the timely renewal of registration certificates from relevant regulatory bodies including the Office of the Data Protection Commissioner (ODPC).
• Assist the DPO in monitoring and ensuring subsidiary-level data protection deliverables are completed on schedule.
• Maintain and update the third-party vendor register, and ensure Data Processing Agreements (DPAs) are executed with all relevant data processors.
• Manage the Data Subject Rights (DSR) request tracker and ensure all requests are resolved within legally prescribed timelines.
• Monitor and track emerging Data Protection Regulations, Guidelines, and Determinations issued by the ODPC and other bodies.
• Review, draft, and revise a wide range of court pleadings, contracts, and legal correspondence.
• Provide strategic legal input on business matters and commercial transactions.
• Support the continuous improvement of standard form agreements and legal process documentation.
• Research and analyse statutes, regulations, and legal precedents applicable to the Group's operations.
• Conduct gap analyses on proposed and enacted legislation affecting the Group's business activities.
• Track legal compliance levels across entities and produce periodic compliance reports.
• Maintain the Litigation Tracker, prepare periodic litigation status reports, and coordinate communication with external counsel.
• Perform any other duties as may be assigned by Management from time to time.

• Interpret and apply Kenya's Data Protection Act and subsidiary regulations to practical business scenarios across a multi-entity financial group.
• Draft, review, and negotiate legal contracts including Data Processing Agreements, NDAs, and commercial agreements with minimal supervision.
• Conduct thorough legal research and translate findings into actionable compliance recommendations.
• Manage multiple compliance trackers and registers accurately and proactively flag risks before deadlines are missed.
• Communicate complex legal concepts clearly to non-legal business stakeholders both verbally and in writing.
• Perform regulatory gap analyses and contribute meaningfully to legal risk management processes.
• Demonstrate high personal integrity and handle confidential information with absolute discretion.
• Work efficiently in a fast-paced, regulated financial services environment under tight deadlines.

ICEA Lion offers a competitive remuneration package benchmarked against the Kenyan financial services industry. The estimated monthly gross salary for this role ranges from KES 80,000 to KES 140,000 depending on qualifications and experience. The Group also offers a comprehensive benefits package typical of a leading insurance employer.

• Medical insurance cover
• Performance-based bonus
• Professional development and training support
• Pension/provident fund contributions

Ideal Candidate: You are a recently admitted Advocate of the High Court of Kenya (or awaiting admission) with a Bachelor of Laws degree and a strong academic grounding in Kenyan contract law and data protection legislation. You have a keen eye for detail, strong drafting skills, and are eager to grow within a structured legal and compliance environment in the financial services sector. Additional certification or training in Data Protection (e.g., CIPP, CIPM, or ODPC-accredited training) is a significant advantage.

Do NOT apply if: You do not hold an LLB degree from a recognised institution, you are not yet admitted or in the process of admission to the Kenyan bar, or you have no working knowledge of Kenya's Data Protection Act and the legal compliance landscape. This role is not suited for candidates seeking purely transactional or litigation-focused positions with no interest in regulatory compliance.

Interested and qualified candidates should submit their application through the ICEA Lion Group official careers portal or via the job platform where this posting was found. Your application should include:

• An updated CV clearly detailing your legal qualifications, admission status, and relevant experience.
• A cover letter addressed to the Head of Legal & Compliance explaining your suitability for the role and your specific interest in data protection and legal compliance.
• Copies of your LLB certificate and any data protection training certificates (if available).

Only shortlisted candidates will be contacted. ICEA Lion is an equal opportunity employer.