About our company:
Galaxy Holdings, a digital technology group within the Sovico ecosystem, operates across multiple industries including banking, finance, securities, insurance, aviation, real estate, healthcare, and education. It serves as the Group’s core technology platform, consolidating market-leading capabilities to drive digitalization, innovation, and scalable business growth across all member companies.
Responsibilities:
The Data Protection Officer (DPO) is a senior-level, independent role responsible for data protection governance and compliance across a diversified multi-industry ecosystem, including banking, securities, insurance, aviation, healthcare, education, and real estate.
The DPO acts as an independent data governance and audit authority, ensuring that data collection, processing, storage, sharing, and utilization comply with applicable regulations, internal standards, and operational requirements – while supporting sustainable business growth. This role operates independently, providing advisory, challenge, and assurance to Executive Management, and working closely with internal stakeholders and external partners.
1. Ecosystem-level Data Governance & Compliance
- Design and oversee a group-wide data protection and governance framework applicable across regulated and non-regulated industries.
- Ensure alignment between local and international data protection regulations and internal governance standards.
- Establish policies, procedures, and guidelines for personal data, sensitive data, and critical business data management.
2. Data Control, Assessment & Audit
- Act as an independent data compliance reviewer and internal auditor for data-related processes and systems.
- Conduct data compliance and risk assessments, and recommend remediation actions.
- Review cross-entity data flows, data-sharing models, centralized data platforms, and third-party data usage.
3. Data Risk & Security Governance
- Collaborate with IT, Information Security, and Risk teams to ensure appropriate data protection controls.
- Support data incident response, impact assessment, and continuous improvement initiatives.
- Monitor emerging data protection risks and regulatory trends across industries.
4. Advisory & Stakeholder Engagement
- Advise Executive Management and business units on data compliance and risk-related matters.
- Engage with external partners, vendors, legal advisors, and auditors as required.
- Act as a constructive challenger to ensure data-related decisions are well-governed and risk-aware.
Job requirements:
- Minimum 10–15 years of experience in data, IT, data governance, compliance, or data-related audit roles.
- Hands-on experience in complex, multi-system, multi-industry data environments.
- Strong understanding of data lifecycle, data architecture, data usage, and associated risks.
- Strong analytical, logical, and independent working capability with high resilience.
- Excellent stakeholder engagement and advisory skills; comfortable working with senior leadership.
- Proficiency in English is a strong advantage.
- An independent governance and assurance role, not a purely operational position.
- Direct impact on risk management, reputation, and sustainability of the ecosystem.
- Exposure to highly regulated and data-intensive industries.
Benefits:
- Competitive salary package (Base salary and performance bonuses).
- Probation period salary is 100% of the official salary.
- Comprehensive health and accident insurance.
- 15 days of annual leave, 3 remote work days per month.
- Provision of work equipment (Macbook/ Laptop, mouse, monitor, etc.).
- A creative and modern working environment.
Working location: Galaxy Innovation Hub – D1 Hi Tech Park, District 9, HCMC
Kindly send your CV to: talent@galaxyholdings.co
