Assistant Manager - Data Protection

Job title: Assistant Manager – Data Protection

Business Unit/Function: Information Security and Data Protection

Job purpose:

Based in Vadodara, India and reporting to the Group Data Protection Manager, you will support PIB’s

global data protection programme across our businesses and back-office teams in India. You will help

define, implement, and assure compliance with Group policies and applicable legislation (UK/EU GDPR,

Data Protection Act 2018, and other relevant regulations), enabling secure, compliant, and efficient

handling of personal data across day-to-day operations and change initiatives (including integrations).

Location: India Vadodara. Collaboration with UK/Europe teams; occasional UK/Europe time-zone

alignment. Occasional travel to other Group India offices.

Key Responsibilities:

• Governance and compliance

1. Maintain and implement Group data protection, records management, and information security policies and procedures.
2. Maintain records of processing (RoPA), retention schedules, and process maps; support international data transfer assessments.
3. Monitor and report on compliance; prepare findings and risk summaries for business leaders and Group stakeholders.

• Business partnering and assurance

1. Advise and train all India team members on Group policies, GDPR and records management; support DPIAs, LIAs, and vendor/privacy due diligence.
2. Plan and execute reviews/audits across all India teams; document non-compliance and track remediation to closure.
3. Support integration activities post back office integration to embed Group standards consistently.

• Awareness and continuous improvement

1. Promote a strong data protection culture; support training, communications, and best-practice sharing.
2. Keep current with regulatory changes; recommend updates to controls, templates, and guidance.

• Operations and incident management

1. Triage and coordinate data subject requests (e.g., access, erasure) and breach/incident notifications in line with policy and law.
2. Maintain SAR, incident, and breach registers; ensure timely, compliant responses and lessons learned.

Required skills:

• Excellent communication skills and absolute fluency in English both written and oral.
• Competent in use of Microsoft Office (Word, Excel, Outlook).
• Experience of obtaining, collating and analysing data from multiple sources.
• Experience of working in a data protection or compliance role.
• Analytical skills, paying attention to detail.
• Can take responsibility for own workstreams and meet deadlines.
• Able to work independently and manage own workload.
• Able to work effectively in a team and as part of wider Group.
• Experience of managing own workload and handling multiple workstreams concurrently.
• Experience of establishing and maintaining positive working relationships.
• Experience of working in a review or audit role.
• Familiarity with information security systems and insurance trading platforms.
• Knowledge of data processing operations in the Insurance sector.
• Professional certifications in data protection or information security such as CIPP/E or CISSO are desirable.