Data Protection Officer || Midlands State University

  • Gweru

Midlands State University

DUE: 11 NOV 2023

Applications are invited from suitably qualified and experienced persons for the following post:


Data Protection Officer (1 Post)

Qualifications, Skills and Experience

  • A university degree or post graduate qualification in Data analytics / Computer Science / Information Systems / Information Technology / Information Security and Assurance / Information Systems or any relevant field.
  • IT Governance Certification such as CRISC/CISA/CGEIT and COBIT is a must.
  • Master degree in Information Technology or related field is an added advantage.
  • Three years relevant working experience in a governance environment
  • Professional knowledge and practical experience of Zimbabwean data protection laws and regulations. The potential applicant should also be aware of the evolving nature of the Data Privacy and Protection regulations, both locally and internationally.

Key Job Purpose

In this role, the successful applicant will be responsible for ensuring that University is compliant with the relevant Zimbabwe data protection laws, namely, Data Protection Act 2018, Zimbabwe Cybersecurity and Data Protection Bill and any other relevant laws.

Duties and Responsibilities

  • Ensures that University is compliant with the provisions of the Data Protection Act, including any regulations made thereunder.
  • Review projects undertaken by University which relate to data collection, processing and storage, in ensuring that all the relevant laws and regulations are adhered to.
  • Handling requests made to the Institution in relation to the Data Protection Act and any other relevant regulations.
  • Liaising with the relevant Authority.
  • Assist in planning and designing of an overall risk management framework for the University
  • Carries out cyber security risk assessments in line with guidelines (such as penetration tests, vulnerability assessments).
  • Conduct audits and assessments of the University’s data processing activities
  • Monitors software and infrastructure for internal and external intrusions, attacks, and hacks and recommends corrective action.
  • Closes off security vulnerabilities in the case of an attack by liaising with internal Technology Services team.
  • Assesses Business Continuity Plans and Disaster Recovery Plans and makes appropriate recommendations.

NB:    Midlands State University is an equal opportunities employer. In the interest of promoting gender parity, female candidates are encouraged to apply.


Applicants must submit copies of applications with the following: application letter, certified certificates and curriculum vitae giving full details of names, place and date of birth, experience, present salary, date of availability, contact telephone number (s) and names and email addresses of three referees to:

The Deputy Registrar (Human Resource)
Midlands State University

Application documents must be in a single scan pdf format.

The closing date for this advert is 11 November 2023.

Applicants should clearly state the post being applied for in the subject line.  It should also be noted that non-adherence to any of the above instructions will automatically cause the application to be disqualified.

Please note that only shortlisted candidates will be communicated to.