10 Cipm Jobs

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

We are Looking for candidate who could join our Risk Team to assist in Data Privacy with their knowledge and experience. JOB ROLE The Data Privacy Manager will assist in implementing, maintaining, and monitoring data protection and privacy initiatives across the organization. This role involves ensuring compliance with applicable data protection laws and standards, fostering a privacy-conscious culture, and supporting operational privacy activities. KEY RESPONSIBILITIES Data Protection Program Implementation: Support the DPO in developing and executing the organizations data protection and privacy strategy. Assist in the creation, review, and updates of privacy policies, procedures, and guidelines. Ensure alignment of privacy practices with regulatory requirements and internal frameworks. Compliance Monitoring: Monitor adherence to data protection policies and procedures. Assist in maintaining records of processing activities (ROPA) and other compliance documentation. Conduct regular privacy assessments, audits, and gap analyses. Training and Awareness: Design and deliver privacy training programs for employees. Develop tools and materials to raise awareness about privacy compliance. Provide advice and support to departments on privacy and data protection issues. Data Breach Management: Assist in the identification, assessment, and management of data breaches. Coordinate breach notification procedures in line with legal requirements. Maintain an incident log and track resolution activities. Data Principal Rights Management: Support the DPO in handling data subject access requests (DSARs) and ensuring timely responses. Assist in addressing queries related to privacy rights and data protection practices. Vendor and Third-Party Management: Conduct data protection impact assessments (DPIAs) and third-party risk assessments. Review privacy clauses in vendor contracts and ensure compliance with data protection requirements. Establishing a Privacy Governance Framework: Support in establishing a privacy governance framework within the organization to ensure that the privacy controls are diligently adhered. Collaboration and Stakeholder Engagement: Liaise with IT, legal, HR, and other departments to embed privacy by design and default. Act as a point of contact for internal and external stakeholders on privacy-related matters. MANDATORY SKILLS REQUIRED Analytical skills: Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills: Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving: Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge: Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance. QUALIFICATIONS Education: Masters/Bachelors degree in Information Security, IT. Certifications: Preferred certifications such as CIPP/E, CIPM, CIPT, CDPSE or equivalent.

Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.

This role will implement and manage data privacy tools and controls, support compliance with UAE and International data protection laws and promote responsible data governance practices across the groups.

Technical Consultant OneTrust Privacy Platform Description Governance, Risk & Compliance consulting team is looking for OneTrust certified technical Privacy SMEs to be part of our consulting/professional services division. The candidate must be highly experienced in providing implementation of OneTrust platform inclusive of integration with 3rd party tools and also should have the knowhow of functional aspects of the tool. The OneTrust data privacy consultant will be required to work on global/international consulting as well as technology implementation projects Qualification, Work Experience & Certifications Bachelors/Masters degree or higher in Computer Science, Information Systems or a related field. ONETRUST Privacy Product Certification (Mandatory) Overall IT professional with experience of8+ year At least 6+ yearsof Information Security, Risk Management, Compliance Management and delivery experience. Experience in handling global client stakeholders Excellent Communications & Presentation skills CISA, CISM, CIPM/CIPT, CIPP/E, CIPP/US (at least one certification preferred) Responsibilities Implementation of data privacy requirements using OneTrust platform Build forms, events, workflows, integration with 3rd party products, reports on the OneTrust platform. Oversee the functional and technical implementation and platform adoption for all customer proof of concept projects from start to finish. Technical understanding and experience working with the following concepts: (HTML, CSS, JS • REST APIs • JSON • Scripting :Python, Powershell, Bash, etc) Understanding data privacy stature in client organization Custom make and implement privacy compliance program in client organization Execute data discovery & privacy impact assessment manually as well as using ONETRUST technology platforms. Execute project which involve advise, create & documentation of policies and procedures to help organizations protect their data (e.g. PII, Sensitive data, Financial data etc.) Research and analyze new data privacy regulations evolving across the globe Define technical and business requirements for data privacy and information governance solutions Implement data privacy, information governance, IT and information security related technology products. Perform basic supervisory duties to mentor and coach junior staff. Develop people through effective trainings and certification guidance.

Dear Candidate, We are looking for a skilled IT Security Compliance Analyst to ensure security policies align with industry regulations. This role requires conducting risk assessments, policy development, and maintaining regulatory compliance frameworks. Key Responsibilities: Ensure security policies align with industry regulations (ISO 27001, NIST, GDPR, HIPAA, SOC 2). Conduct internal security audits and risk assessments to identify compliance gaps. Develop security policies, standards, and compliance documentation. Monitor and enforce regulatory compliance across all IT security operations. Coordinate with external auditors for security compliance certifications. Provide guidance and training to employees on compliance requirements. Investigate compliance violations and recommend corrective actions. Required Skills & Qualifications: Strong knowledge of risk management, security audits, and compliance frameworks. Experience with GRC (Governance, Risk, and Compliance) tools (RSA Archer, OneTrust). Ability to interpret and apply security regulations and industry best practices. Experience conducting security awareness training for compliance adherence. Familiarity with PCI DSS, SOX, and industry-specific security regulations. Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Job Description: Responsibilities Lead and oversee company's Data Protection programme and related initiative. Manage and monitors compliance with all applicable Data privacy laws, regulations and standards including DPDPA, GDPR etc. Perform regular compliance assessments and reporting, i.e. Data Privacy Impact Assessment (DPIA) Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable Data protection law, regulations and standards Provide periodic and adhoc security awareness training for employees/contractors to increase Data Protection awareness pertaining to their job functions and evaluate training effectiveness Recommend and develops KPIs and metrics to evaluate the Data protection / Privacy program and related controls. Participate in planning, scheduling and preliminary analysis for all internal and external Data Protection / Privacy audits and assessments and maintain list of outstanding audit actions and works with the remediation team to remediate identified gaps Oversee process documentation and compliance adherence Measures of Success: Timely implementation of data privacy programs at org level Completion of privacy impact assessments as per schedule Timely reporting of data privacy incident both internally and to the regulator as per the mandate Timely updation and board approval for data privacy policy No adverse observations in internal/external audits Timely completion of data privacy trainings for all eligible users Timely remediation of any findings or recommendations made by any of the internal or external assessors as part of privacy impact Adherence to data privacy policy within the organization Qualifications: 10-12 years of post qualification experience. Relevant Experience with respect to the role: At least 05 years of experience in working with privacy laws, including drafting of privacy policies, technology provisions, and working on compliance. One or more certifications related to Privacy, i.e., Certified Information Privacy Professional (CIPP/E), Certified Data Privacy Solutions Engineer (CDPSE),Certified Information Privacy Manager (CIPM), DSCI Certified Privacy Professional, CISSP, DSCI Certified Data Protection Officer (DCDPO) or any other equivalent certification Experience in technical training and in conducting awareness sessions Experience in dealing successfully with different business and external stakeholders Experience working with IT programming or infrastructure, including certification in information security standards Experience in performing audits of information systems, attestation audits and risk assessments Knowledge on how to assess, develop and implement Data Privacy program including drafting of privacy policies, standards, processes, procedures and technology provisions etc.

We are Hiring a Data Privacy Manager for a leading Conglomerate based in Mumbai Education: Bachelor/Masters Degree in Computer Science/ IT /Privacy or any field In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Professional certifications such as ISO 27001:2022 / CISA / CISM / DCPP / DCPLA / CIPP/E, CIPM, CIPT, or equivalent is desirable but not mandatory. This position will lead privacy initiatives and ensure organizational compliance with data protection regulations. He/she should have a deep understanding of privacy concepts, laws and a proven track record in managing privacy programs within complex environments. Lead the development and execution of comprehensive privacy programs, including policies, procedures, templates and Identify gaps in privacy processes- Work with business teams to understand the business's current use of Personally Identifiable Information (PII). Work with Privacy partner to identify gaps and work towards the remedial options suggested. Manage privacy incidents, including breach investigations and reporting. Develop and enhance consent management framework. Oversee vendor and third-party data privacy compliance, including contract negotiations and audits. Improve overall compliance from Data Privacy perspective- Build good connections with peers in BUs and their IT SPOCS. Identify gaps as per applicable privacy law. Improve by implementing appropriate technologies & processes. Serve as the primary point of contact for privacy-related matters for internal stakeholders, data subjects and for regulatory authorities. Monitor and respond to changes in privacy legislation, ensuring the organization adapts to remain compliant. Conduct advanced Data Protection Impact Assessments (DPIAs), and risk assessments to identify and mitigate privacy risks. Prepare and update Records of Processing Activities (RoPAs) mapping the lifecycle of personal data across business processes. Enhance awareness of Privacy initiatives- Use all the channels such as regular communication to all employees, e-modules, workshops, Digi TALKS / relevant stakeholders to keep their awareness level up to date on Data Privacy Build a good connection with stakeholders and drive maximum adoption of overall Privacy initiatives. Prepare mandatory and role-specific privacy training and awareness programs for the organization. Develop and publish metrics- Deliver executive-level reporting on privacy metrics, risks, and program effectiveness. Build and share matrices with CISO and CSC members from Privacy perspective Help CISO to drive Privacy related campaigns Assist with data protection audits and manage privacy risk register for the organization. Special Skills Required Technical Skills: In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Good understanding of data protection technologies such as DLP, Data classification, CASB, Access control etc. Good understanding of Privacy platforms / technologies to meet DPDP Act or other privacy act requirements. Experience in managing privacy programs, incidents and compliance audits.

Mandatory Skill Must Have : - Data Privacy + Security Job overview : As a Privacy Operations Personnel, you are required to have a deep understanding of data protection regulations. You will be responsible for conducting Privacy Impact Assessments (PIA), performing audits of data privacy practices, and implementing data protection initiatives across the organization. Key responsibilities include providing training and conducting workshops to raise privacy awareness, responding to data breaches, managing data subject rights requests, and ensuring compliance with consent management protocols. Additionally, the role involves supporting privacy champions, maintaining records of processing activities, assessing third party risks, and implementing privacy enabling technologies to safeguard data integrity and compliance across all data handling processes. Key Responsibilities: 1. Identify compliance review requirements with DPO, conduct periodic reviews. 2. Periodically update data privacy and protection policy, procedures in compliance to the applicable laws and regulations. 3. Identify privacy training needs, develop privacy training programs aligned with data protection laws, obtaining approval on training objectives. 4. Conduct periodic training sessions with HR and department level Privacy Champions, to create awareness about data privacy and protection. 5. Maintain records of processing activities documents for all personal data processing activities. 6. Conduct Privacy Impact Assessments (PIA) for all personal data processing activities and Data Privacy Impact Assessments, as required. Update Privacy Risk Register, and report delays to DPO. 7. Assist the Legal team and Business Owners in drafting privacy notices, cookie policy, consent banners, etc. 8. Drive Privacy by Design principles, aiding business owners, Technology, and IT team. 9. Handle data subject rights requests, update request register, and communicate responses. 10. Ensure Third Party Risk Management Procedure compliance with regulations. 11. Assist Procurement in third party risk assessments, negotiate agreements, and perform due diligence. 12. Conduct due diligence on third parties' practices from a data privacy and protection standpoint, establish Data Processing templates, and verify guarantees. Required Qualifications and Skills: Bachelors degree in law, Information Security, or related field (masters degree preferred). Certification in data protection (e.g., CIPP/E, CIPM) highly desirable. Strong understanding of data protection laws and regulations (e.g., DPDPA, GDPR). Excellent communication and people skills. Ability to work collaboratively with cross functional teams. Meticulous with strong analytical and problem solving abilities. Prior experience in privacy operations or related field preferred. Proficiency in relevant software and tools for privacy management and compliance. Experience Range : - 11-14 Years

Responsibilities Lead and oversee company Data Protection programmed and related initiative. Manage and monitors compliance with all applicable Data privacy laws, regulations and standards including DPDPA, GDPR etc. Perform regular compliance assessments and reporting, i.e. Data Privacy Impact Assessment (DPIA) Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable Data protection law, regulations and standards Provide periodic and adhoc security awareness training for employees/contractors to increase Data Protection awareness pertaining to their job functions and evaluate training effectiveness Recommend and develops KPIs and metrics to evaluate the Data protection / Privacy program and related controls. Participate in planning, scheduling and preliminary analysis for all internal and external Data Protection / Privacy audits and assessments and maintain list of outstanding audit actions and works with the remediation team to remediate identified gaps Oversee process documentation and compliance adherence Measures of Success: Timely implementation of data privacy programs at org level Completion of privacy impact assessments as per schedule Timely reporting of data privacy incident both internally and to the regulator as per the mandate Timely updating and board approval for data privacy policy No adverse observations in internal/external audits Timely completion of data privacy trainings for all eligible users Timely remediation of any findings or recommendations made by any of the internal or external assessors as part of privacy impact Adherence to data privacy policy within the organization Qualifications: 10-12 years of post-qualification experience. Relevant Experience with respect to the role: At least 05 years of experience in working with privacy laws, including drafting of privacy policies, technology provisions, and working on compliance. One or more certifications related to Privacy, i.e., Certified Information Privacy Professional (CIPP/E), Certified Data Privacy Solutions Engineer (CDPSE), Certified Information Privacy Manager (CIPM), DSCI Certified Privacy Professional, CISSP, DSCI Certified Data Protection Officer (DCDPO) or any other equivalent certification Experience in technical training and in conducting awareness sessions Experience in dealing successfully with different business and external stakeholders Experience working with IT programming or infrastructure, including certification in information security standards Experience in performing audits of information systems, attestation audits and risk assessments Knowledge on how to assess, develop and implement Data Privacy program including drafting of privacy policies, standards, processes, procedures and technology provisions etc. Note: Only women candidates are preferred. If interested, Kindly forward your updated CV on riya@beanhr.com Thanks & Regards, Riya Choudhary Bean HR Consulting-"Ahead Your Search" https://beanhr.com Locations:- Ghaziabad (Delhi-NCR) / Dehradun