Data Protection Officer - Rabat

Company :

AXA Services Maroc is the customer relations expertise center in Morocco for the companies: AXA France, AXA Direct France, AXA Assistance, AXA Belgium, and AXA Switzerland

Present in Rabat since May 2004 and in Kenitra since 2024, we are today more than 5000 employees.

Join us:

• Is choosing the world's leading insurance brand
• Is benefiting from a multitude of advantages well beyond market standards
• Is evolving in a rewarding environment offering a diversity of professions
• Is joining a responsible group, offering a true corporate culture based on the development of each individual's skills

Our professions:

The expertise of our teams covers the main insurance professions:

• Contract sales
• Management of property and casualty and personal insurance contracts
• Management of Auto and Home claims
• Processing of Health benefits
• Making Assistance guarantees effective
• Scheduling appointments on behalf of our General Agents
• Management of Savings contracts

Company culture :

Axa Services Maroc operates within a strongly collaborative culture, where people, trust, and high-quality professional relationships are central. The company promotes close and supportive management, encouraging accountability, development, and teamwork. This human-centered environment is reinforced by robust organizational practices that ensure reliability and operational efficiency. It is balanced by a performance-oriented mindset and a measured openness to innovation, supporting collective success.

Job :

Role and main mission:

Reporting to the Head of Compliance, Internal Control, Security & Physical Security Management, your main mission is to ensure the organization's compliance with current regulations (particularly GDPR) regarding the protection of personal data, and to manage risks related to data confidentiality and security.

Main responsibilities

1. Regulatory and strategic watch

Continuously monitor regulatory changes (GDPR, local laws, CNDP recommendations...)
Support management on legal and strategic issues related to data protection

2. Data compliance and governance

Define, deploy, and maintain the personal data protection policy
Manage and update the register of processing activities
Implement and manage:

Consent management systems
Procedures for exercising data subject rights
Data breach management processes

Conduct impact assessments (DPIA) and support business projects
Manage structuring topics: data mapping, cookies, Privacy by Design
Oversee data purging campaigns (structured and unstructured data)
Manage the dedicated personal data service inbox
Handle requests for exercising rights and complaints
Ensure the compliance of processing activities and monitor declarations to the CNDP

3. Awareness and training

Design and deliver training and awareness sessions for employees
Promote a data protection culture within the organization

4. Incident and audit management

Supervise the management of personal data incidents (breaches, leaks)
Keep the incident register up to date
Lead or coordinate GDPR compliance audits
Define and monitor corrective action plans

5. Relations with control authorities

Be the primary point of contact with the CNDP
Handle mandatory declarations (incidents, files, reports)
Manage exchanges and controls with the authorities

6. Advice and support

Support business units and data controllers in their projects
Integrate GDPR requirements from the design stage (Privacy by Design / by Default)

Required profile :

You have a Master's degree (Bac + 5) in a legal field (business law, digital law, personal data law), in IT (information system security), or in a business school with a specialization in compliance or risk management.

Professional experience:
A minimum of 2 to 3 years of experience in similar roles (lawyer specialized in personal data, compliance auditor, or GDPR consultant)

• In-depth mastery of GDPR
• Knowledge of "Privacy by Design" and "Privacy by Default" methodologies
• Management of data processing mapping tools
• Information system security principles (ISS)
• Project management

Head office address :

Desired personality traits :

Emotional distance Rationalism Flexibility Need for reflection Organization