Summary
Overview
Work History
Education
Skills
Certification
References
Languages
Timeline
Generic
Nerika Maharaj

Nerika Maharaj

Pretoria

Summary

Dynamic Senior Manager in Information Privacy at MTN SA, adept at driving compliance initiatives and enhancing data protection strategies. Expert in stakeholder engagement and vendor risk management, successfully led privacy impact assessments and education programs, fostering a culture of compliance and security across the organization.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Senior Manager: Information Privacy

MTN SA
Johannesburg
05.2025 - Current
  • Led legal advisory and compliance initiatives for responsible personal data use across MTN.
  • Oversaw regulatory compliance, strategic project support, third-party risk management, and stakeholder engagement.
  • Provided guidance on POPIA by reviewing data processing agreements to embed safeguards.
  • Conducted risk-based privacy impact assessments for digital innovations, API integrations, and AI solutions.
  • Managed third-party privacy risks by advising on vendor obligations and ensuring contract compliance.
  • Responded to regulatory inquiries and data subject complaints, ensuring timely mitigation actions.

INFORMATION PRIVACY MANAGER

MTN SA
01.2024 - 04.2025
  • Lead and coordinate Information Privacy initiatives to enhance data protection and minimize organizational risks.
  • Incorporate Privacy by Design in projects to identify and mitigate privacy risks at the design stage.
  • Enforce policies for Data Subject Participation, Incident & Breach Management, and Direct Marketing, ensuring compliance with privacy laws.
  • Oversee regulatory compliance with PoPI Act, managing third-party assessments, incident responses, and customer consent processes.
  • Conducted bi-annual privacy maturity assessments to strengthen regulatory compliance and identify improvement areas across MTN SA Business Units.
  • Managed and updated Personal Information (PI) Inventory, ensuring secure data storage and facilitating transparent information flows.
  • Initiated Information Privacy education programs, including awareness campaigns and training, to cultivate a privacy-aware organizational culture.
  • Ensure records management compliance, aligning retention, disposition, and security of records with privacy regulations and corporate standards.
  • Collaborate with stakeholders on data security initiatives to ensure secure data handling and privacy regulation alignment.
  • Lead privacy risk workshops and collaborate with IT and legal teams to mitigate risks under POPIA.

COMPLIANCE SPECIALIST

Cloud Essentials
07.2023 - 12.2023
  • Advised clients on developing, deploying, and enforcing policies, procedures, frameworks, and technology controls for secure and proper data usage and maintenance.
  • Conducted compliance and risk workshops with clients, utilizing best practices like ISO 27001 and NIST alongside Microsoft technology to define and manage data privacy objectives for compliance with POPI, GDPR, and CCPA.
  • Advised clients on compliance with Data Privacy programs, retention and disposition management, and data classification taxonomy.

PRIVACY ASSISTANT MANAGER (CYBER PRIVACY)

Deloitte South Africa
02.2023 - 06.2023
  • Advising clients on compliance with global data privacy laws, focusing on laws like the Protection of Personal Information Act, 2013 (POPIA), the EU General Data Protection Regulation, 2018 (GDPR), and other African regulations.
  • Guiding clients on legal, organizational, and technical privacy challenges and helping them integrate privacy into technology and business operations.
  • Assisting clients in identifying and reducing privacy and data protection risks following standards such as ISO 27001, 27701, and NIST.
  • Developed and improved policies, procedures, and operational methods to enhance privacy and data protection compliance.
  • Supervising and supporting the professional growth of team members.
  • Conducted privacy-related audits for a mining company, delivering data-privacy training, operational procedure templates, and compliance frameworks to strengthen data governance.
  • Prepared privacy compliance reports and assessments for telecommunications and IT companies, ensuring alignment with regulatory requirements.
  • Proposing to support a multinational fertilizer company with a group-wide privacy program rollout and conducting privacy assessments for IT and mining sectors.
  • Assisting a large financial institution in enhancing its records retention and disposal processes to address enterprise-wide challenges effectively.

PRIVACY OFFICER (SECONDMENT)

Road Accident Fund
07.2021 - 01.2023
  • Assisted Deputy Information Officer in implementing organization's privacy program, enhancing compliance and governance.
  • Developed Compliance Risk Management Plan for POPI, reviewed privacy clauses in agreements, conducted training on privacy topics, provided privacy advice, researched compliance best practices, managed privacy incidents, drafted PAIA manual, processed information access requests, monitored security safeguards, and reported to EXCO and Board Committees, ensuring effective privacy management.
  • Developed privacy policies in compliance with regulatory requirements for personal data.
  • Conducted risk assessments to identify potential data privacy issues and vulnerabilities.
  • Collaborated with departments to implement effective data protection strategies and practices.

SENIOR COMPLIANCE PRACTITIONER

Road Accident Fund
04.2020 - 01.2023
  • Developed and assessed Compliance Risk Management Plans; advised business on compliance solutions and created action plans to close identified compliance gaps; monitored and reported legislative developments to management; investigated compliance violations, conducted root cause analysis, and reported outcomes to management; vetted draft policies, standard operating procedures, and directives for compliance with legislative and regulatory obligations; participated as compliance representative in Bid Evaluation and Bid Specification Committees; alerted stakeholders to compliance risks for implementation of preventative risk reduction measures; drafted monthly reports for EXCO and Board Committees.
  • Embed a culture of compliance through regulatory awareness sessions to the business.
  • Managed claims processing for road accident victims efficiently and accurately.
  • Conducted thorough investigations to determine liability in accident cases.
  • Collaborated with legal teams to prepare case files and documentation.

SENIOR LITIGATION OFFICER

Road Accident Fund
11.2019 - 03.2020
  • Supervise block settlement team which consisted of 7 members, responsible for performance reviews, managing leave approval, delegating work tasks and motivating team; Manage meetings with Plaintiff's Attorney to negotiate possible settlement of RAF claims; Review and approve RAF claims assessments prepared by claims officer to ensure compliance with internal procedures, policies, legislative and regulatory requirements; Provide technical support and guidance to team members on quantifying special and general damages; Conduct research on case law; Monthly reporting to Management on performance of the block settlement project.
  • Managed claims processing and ensured compliance with regulatory requirements.
  • Conducted thorough investigations of road accident claims for accuracy.
  • Collaborated with legal teams to prepare case documentation and reports.

LITIGATION OFFICER

Road Accident Fund
10.2017 - 10.2018
  • Responsible for managing RAF trial matters within delegated portfolio; Conduct preliminary assessment of litigated files; Analyse claim to determine compliance with statutory requirements; Assess matter to determine negligence and liability of the RAF; Determine nexus and quantify the special and general damages to be awarded to road accident victims; Establish litigation strategy and provide panel attorney with instructions; Reporting on trial outcomes and settlements to Management and requesting payment.
  • Managed claims processing for road accident victims efficiently.
  • Reviewed documentation to ensure compliance with legal standards.
  • Coordinated with legal teams for claim dispute resolutions.

LITIGATION ATTORNEY

Fourie Fismer Inc
01.2016 - 09.2017
  • Managed High Court third-party litigation practice, appearing in court for trial matters and pre-trial conferences; drafted legal opinions on litigation strategies for defending road accident claims; researched, analyzed, and applied law and case law for personal injury claims and quantified general damages; collaborated with outside counsel on trial matters; consulted with opposing attorneys during pre-trial conferences; reported trial outcomes to clients.
  • Operated boutique firm specializing in third-party litigation defense.
  • Drafted legal documents for various litigation cases and client needs.
  • Researched case law and statutes to support litigation strategies.
  • Represented clients in court hearings and settlement negotiations.

CANDIDATE ATTORNEY

Fourie Fismer Inc
01.2014 - 12.2015
  • Researched legal issues for senior attorney and interpreted statutes and case law; Assisted in representation of client in Magistrate Court pre-trial conferences; Drafted legal executive summary for client on third-party litigation matters; Drafted notices, motions, correspondence; settlement agreements and discovery affidavits; Responsible for serving, filing and issuing of documentation in line with court rule timelines; Preparing for trials which included consulting with witnesses and clients, compiling briefs for counsel and drafting instructional letter to counsel; Acquired working knowledge of the rules of court and gained experience in defending third-party litigated matters.
  • Drafted legal documents and pleadings for various court proceedings.
  • Conducted legal research to support case strategies and client needs.
  • Assisted senior attorneys in preparing for trials and hearings.

INTERN

Department of Trade and Industry
04.2013 - 12.2013
  • Conducted research within the Consumer and Corporate Regulatory Division, including benchmarking and document analyses; drafted reports for the Specialist Committee on Companies Law and the Standing Advisory Committee on Intellectual Property; gained experience in interpreting legislation, drafting legislation, and advising on proposed amendments; planned and coordinated special projects like CONTRALESA rollout workshops, including drafting submissions and memoranda for departmental directors; provided administrative support to the Patent Exam Board.
  • Arrangement of venues, drafted timetables, liaised with students and invigilated the examinations; During this time, improved my research and writing skills, expanded my communication and presentation skills and developed project management skills.
  • Assisted in drafting policy documents for trade regulations.
  • Conducted market research to support trade initiatives.
  • Collaborated with team members on project proposals and presentations.

Education

Master of Laws - Information And Communication Law

University of The Witwatersrand
Johannesburg, South Africa
12-2027

MANAGEMENT DEVELOPMENT PROGRAMME -

University of Pretoria
Pretoria
12-2022

SHORT COURSE CYBERSECURITY: MANAGING RISK IN THE INFORMATION AGE -

MANCOSA
12-2022

PRACTICAL INFORMATION GOVERNANCE -

UCT Law@work
12-2022

CERTIFICATE OF ATTENDANCE -

Kazient Privacy Experts & IAPP
12-2022

SHORT COURSE IN DATA PROTECTION AND PRIVACY -

University of Cape Town
12-2021

SHORT COURSE IN EFFECTIVE RISK MANAGEMENT -

University of Pretoria
12-2020

ETHICS OFFICER CERTIFICATION -

University of Stellenbosch, Stellenbosch Business School
12-2020

POSTGRADUATE DIPLOMA IN COMPLIANCE MANAGEMENT -

University of Johannesburg
12-2020

POSTGRADUATE CERTIFICATE IN CORPORATE GOVERNANCE -

University of Johannesburg

Skills

  • Data privacy
  • Auditing and compliance
  • Risk assessment
  • IT security practices
  • Encryption techniques
  • Vendor risk management
  • Stakeholder engagement
  • Influencing and negotiating
  • Employee training programs
  • Effective communication

Certification

  • Certified Information Privacy Manager (CIPM), The International Association of Privacy Professionals (IAPP), 10/24
  • Certified Information Privacy Professional/Europe (CIPP/E), The International Association of Privacy Professionals (IAPP), 02/23
  • Certified Ethics Officer[EO1079], The Ethics Institute, 09/20
  • Admission as Attorney, North Gauteng High Court, South Africa, 02/16

References

Available upon request

Languages

English

Timeline

Senior Manager: Information Privacy

MTN SA
05.2025 - Current

INFORMATION PRIVACY MANAGER

MTN SA
01.2024 - 04.2025

COMPLIANCE SPECIALIST

Cloud Essentials
07.2023 - 12.2023

PRIVACY ASSISTANT MANAGER (CYBER PRIVACY)

Deloitte South Africa
02.2023 - 06.2023

PRIVACY OFFICER (SECONDMENT)

Road Accident Fund
07.2021 - 01.2023

SENIOR COMPLIANCE PRACTITIONER

Road Accident Fund
04.2020 - 01.2023

SENIOR LITIGATION OFFICER

Road Accident Fund
11.2019 - 03.2020

LITIGATION OFFICER

Road Accident Fund
10.2017 - 10.2018

LITIGATION ATTORNEY

Fourie Fismer Inc
01.2016 - 09.2017

CANDIDATE ATTORNEY

Fourie Fismer Inc
01.2014 - 12.2015

INTERN

Department of Trade and Industry
04.2013 - 12.2013

Master of Laws - Information And Communication Law

University of The Witwatersrand

MANAGEMENT DEVELOPMENT PROGRAMME -

University of Pretoria

SHORT COURSE CYBERSECURITY: MANAGING RISK IN THE INFORMATION AGE -

MANCOSA

PRACTICAL INFORMATION GOVERNANCE -

UCT Law@work

CERTIFICATE OF ATTENDANCE -

Kazient Privacy Experts & IAPP

SHORT COURSE IN DATA PROTECTION AND PRIVACY -

University of Cape Town

SHORT COURSE IN EFFECTIVE RISK MANAGEMENT -

University of Pretoria

ETHICS OFFICER CERTIFICATION -

University of Stellenbosch, Stellenbosch Business School

POSTGRADUATE DIPLOMA IN COMPLIANCE MANAGEMENT -

University of Johannesburg

POSTGRADUATE CERTIFICATE IN CORPORATE GOVERNANCE -

University of Johannesburg
Nerika Maharaj