14 Cipp Jobs

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

Job Title: Compliance Officer India Reports to: Compliance Manager / Head of Compliance Function: Risk & Compliance / Governance / Data Privacy Role Summary: The Compliance Officer is responsible for ensuring the organization’s adherence to internal policies, external regulations, certification standards, and risk management frameworks. This role plays a critical part in supporting data privacy, managing document control, ensuring audit readiness, and driving a culture of compliance throughout the organization. The Compliance Officer will also coordinate with cross-functional teams and external stakeholders to promote ethical practices, regulatory adherence, and continuous improvement. In short, the Compliance Officer plays a key role in safeguarding the organization against regulatory breaches and fostering a compliant work environment, complimenting the Business Compliance Manager. Key Responsibilities: Regulatory Compliance & Risk Management Monitor local regulatory developments and ensure internal alignment. Conduct regular compliance risk assessments and implement mitigation plans. Monitor and assess third-party compliance as needed. Audit & Process Compliance Plan and execute internal audits to evaluate adherence to policies and standards (ISO 9001, 27001, 18295, etc.). Support closure of Non-Conformities (NCRs) with root cause analysis and corrective actions. Maintain audit documentation and manage the Internal Audit Cycle (planning to closure). Data Privacy & Security Ensure compliance with applicable data privacy laws, and other contractual obligations. Conduct privacy impact assessments for new processes or tools handling personal data. Collaborate with IT and Legal to implement data protection measures and incident response plans. Document & Policy Management Maintain proper document control practices including versioning, secure storage, and timely updates. Support the creation, review, and implementation of compliance policies and procedures. Ensure adherence to document retention schedules in line with regulatory requirements. Reporting & Escalation Maintain logs of compliance incidents and escalate high-risk issues appropriately. Submit timely reports to leadership and, if applicable, to regulatory authorities. Track key performance indicators related to compliance, such as audit scores, training completion rates, and risk closure timelines. Job Requirements: Education: Bachelor’s degree in Law, Business Administration, Finance, IT, or related field. Master’s degree or legal qualification (LLB/LLM) is an advantage. Certifications Preferred: ISO 9001 / 27001 / 18295 - Internal Auditor Additional certifications if any (e.g. Certified Information Privacy Professional (CIPP) or equivalent) is a significant advantage. Experience: 2–3 years in compliance, audit, risk management, or data privacy roles. Experience with ISO implementation and certification processes. Familiarity with document control, regulatory filings, and internal controls. Skills: Attention to Detail, Strong analytical, audit, and problem-solving skills. Excellent verbal and written communication. Proficiency in compliance tracking tools and Microsoft Office. Good project and time management abilities. Personal Attributes: Ethical mindset with high integrity and discretion. Detail-oriented with strong organizational skills. Adaptable and proactive in a dynamic regulatory environment. Collaborative with cross-functional teams. Adhere to information security and confidentiality protocols. Report suspected breaches, vulnerabilities, or misconduct. Uphold the company’s code of conduct, data handling guidelines, and acceptable use policies. Staying updated on changes to relevant laws and regulations, as well as emerging industry standards. Role & responsibilities Contact Athirai - 7824823891

Key Responsibilities As Privacy Advocate, you'll have a broad range of responsibilities providing legal research and guidance on initiatives impacting international privacy laws and related data protection and security matters. You will partner cross-functionally with our legal, product, engineering, and other teams to advise on privacy law matters and related data uses while managing legal risk and ensuring regulatory compliance. Excellent academic credentials' minimum of 10 years legal experience at a top-tier law firm or in-house. Minimum 10 years of legal practice experience with a focus on data privacy, information security & cybersecurity in a technology-related company, law firm Identify business requirements resulting from new and evolving data privacy and AI laws and regulations, and provide guidance and thought leadership on relevant topics Drive an aligned approach for legal matters involving data protection, data privacy, and data licensing to support the Companys most important business strategies, goals, and objectives In-depth experience working with data protection regulations (such as the GDPR, CCPA, HIPAA, or equivalent) Lead and mentor a team of privacy professionals, fostering a culture of privacy awareness and compliance Serve as the go-to subject matter expert on privacy laws, regulations, and best practices, ensuring the company remains compliant with all relevant standards Provide recommendation to legal team to develop, implement, and maintain privacy policies and procedures Advocate for user privacy within the company, ensuring that privacy considerations are integrated into all aspects of product development and business operations Strong analytical and problem-solving skills. Ability to assess complex privacy issues and develop effective solutions Experienced in handling privacy inquiries, complaints and incidents Sound business judgment, and flexibility/adaptability to handle multiple wide-ranging matters, conflicting deadlines, and new areas of expertise as business needs change Demonstrated ability, in a positive, commercial and practical manner, to identify, prioritize and resolve issues quickly and effectively Qualifications Bachelor's or higher degree in Law or related fields Sound and practical business judgment, intellectual creativity, strong ethical compass, and problem-solving skills Excellent legal research skills Excellent writing skills Certifications in Privacy such as CIPP from organizations like IAPP are a strong plus Experience advising on privacy and data security in commercial transactions a plus Experience driving, prioritizing, and effectively managing cross-functional initiatives, and an ability to both work independently and with multi-stakeholder teams Additional Information At Privaini Software India Private Limited, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We are Looking for candidate who could join our Risk Team to assist in Data Privacy with their knowledge and experience. JOB ROLE The Data Privacy Manager will assist in implementing, maintaining, and monitoring data protection and privacy initiatives across the organization. This role involves ensuring compliance with applicable data protection laws and standards, fostering a privacy-conscious culture, and supporting operational privacy activities. KEY RESPONSIBILITIES Data Protection Program Implementation: Support the DPO in developing and executing the organizations data protection and privacy strategy. Assist in the creation, review, and updates of privacy policies, procedures, and guidelines. Ensure alignment of privacy practices with regulatory requirements and internal frameworks. Compliance Monitoring: Monitor adherence to data protection policies and procedures. Assist in maintaining records of processing activities (ROPA) and other compliance documentation. Conduct regular privacy assessments, audits, and gap analyses. Training and Awareness: Design and deliver privacy training programs for employees. Develop tools and materials to raise awareness about privacy compliance. Provide advice and support to departments on privacy and data protection issues. Data Breach Management: Assist in the identification, assessment, and management of data breaches. Coordinate breach notification procedures in line with legal requirements. Maintain an incident log and track resolution activities. Data Principal Rights Management: Support the DPO in handling data subject access requests (DSARs) and ensuring timely responses. Assist in addressing queries related to privacy rights and data protection practices. Vendor and Third-Party Management: Conduct data protection impact assessments (DPIAs) and third-party risk assessments. Review privacy clauses in vendor contracts and ensure compliance with data protection requirements. Establishing a Privacy Governance Framework: Support in establishing a privacy governance framework within the organization to ensure that the privacy controls are diligently adhered. Collaboration and Stakeholder Engagement: Liaise with IT, legal, HR, and other departments to embed privacy by design and default. Act as a point of contact for internal and external stakeholders on privacy-related matters. MANDATORY SKILLS REQUIRED Analytical skills: Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills: Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving: Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge: Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance. QUALIFICATIONS Education: Masters/Bachelors degree in Information Security, IT. Certifications: Preferred certifications such as CIPP/E, CIPM, CIPT, CDPSE or equivalent.

Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.

This role will implement and manage data privacy tools and controls, support compliance with UAE and International data protection laws and promote responsible data governance practices across the groups.

Key Responsibilities: Lead implementation of privacy policies and compliance frameworks. Conduct and oversee PIAs, TIAs, and maintain RoPA. Manage data mapping, architecture documentation, and privacy controls. Develop and maintain privacy templates and related documentation. Drive small automation initiatives to support privacy operations. Collaborate with cross-functional teams across legal, IT, and business units. Preferred Qualifications: Deep understanding of global privacy regulations (e.g., GDPR, CCPA). Hands-on experience with Microsoft O365 automation tools. Strong documentation, analytical, and communication skills.

Dear Candidate, We are looking for a skilled IT Security Compliance Analyst to ensure security policies align with industry regulations. This role requires conducting risk assessments, policy development, and maintaining regulatory compliance frameworks. Key Responsibilities: Ensure security policies align with industry regulations (ISO 27001, NIST, GDPR, HIPAA, SOC 2). Conduct internal security audits and risk assessments to identify compliance gaps. Develop security policies, standards, and compliance documentation. Monitor and enforce regulatory compliance across all IT security operations. Coordinate with external auditors for security compliance certifications. Provide guidance and training to employees on compliance requirements. Investigate compliance violations and recommend corrective actions. Required Skills & Qualifications: Strong knowledge of risk management, security audits, and compliance frameworks. Experience with GRC (Governance, Risk, and Compliance) tools (RSA Archer, OneTrust). Ability to interpret and apply security regulations and industry best practices. Experience conducting security awareness training for compliance adherence. Familiarity with PCI DSS, SOX, and industry-specific security regulations. Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Key Responsibilities As Privacy Advocate, you'll have a broad range of responsibilities providing legal research and guidance on initiatives impacting international privacy laws and related data protection and security matters. You will partner cross-functionally with our legal, product, engineering, and other teams to advise on privacy law matters and related data uses while managing legal risk and ensuring regulatory compliance. Excellent academic credentials' minimum of 10 years legal experience at a top-tier law firm or in-house. Minimum 10 years of legal practice experience with a focus on data privacy, information security & cybersecurity in a technology-related company, law firm Identify business requirements resulting from new and evolving data privacy and AI laws and regulations, and provide guidance and thought leadership on relevant topics Drive an aligned approach for legal matters involving data protection, data privacy, and data licensing to support the Companys most important business strategies, goals, and objectives In-depth experience working with data protection regulations (such as the GDPR, CCPA, HIPAA, or equivalent) Lead and mentor a team of privacy professionals, fostering a culture of privacy awareness and compliance Serve as the go-to subject matter expert on privacy laws, regulations, and best practices, ensuring the company remains compliant with all relevant standards Provide recommendation to legal team to develop, implement, and maintain privacy policies and procedures Advocate for user privacy within the company, ensuring that privacy considerations are integrated into all aspects of product development and business operations Strong analytical and problem-solving skills. Ability to assess complex privacy issues and develop effective solutions Experienced in handling privacy inquiries, complaints and incidents Sound business judgment, and flexibility/adaptability to handle multiple wide-ranging matters, conflicting deadlines, and new areas of expertise as business needs change Demonstrated ability, in a positive, commercial and practical manner, to identify, prioritize and resolve issues quickly and effectively Qualifications Bachelor's or higher degree in Law or related fields Sound and practical business judgment, intellectual creativity, strong ethical compass, and problem-solving skills Excellent legal research skills Excellent writing skills Certifications in Privacy such as CIPP from organizations like IAPP are a strong plus Experience advising on privacy and data security in commercial transactions a plus Experience driving, prioritizing, and effectively managing cross-functional initiatives, and an ability to both work independently and with multi-stakeholder teams Additional Information At Privaini Software India Private Limited, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Job Description: Responsibilities Lead and oversee company's Data Protection programme and related initiative. Manage and monitors compliance with all applicable Data privacy laws, regulations and standards including DPDPA, GDPR etc. Perform regular compliance assessments and reporting, i.e. Data Privacy Impact Assessment (DPIA) Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable Data protection law, regulations and standards Provide periodic and adhoc security awareness training for employees/contractors to increase Data Protection awareness pertaining to their job functions and evaluate training effectiveness Recommend and develops KPIs and metrics to evaluate the Data protection / Privacy program and related controls. Participate in planning, scheduling and preliminary analysis for all internal and external Data Protection / Privacy audits and assessments and maintain list of outstanding audit actions and works with the remediation team to remediate identified gaps Oversee process documentation and compliance adherence Measures of Success: Timely implementation of data privacy programs at org level Completion of privacy impact assessments as per schedule Timely reporting of data privacy incident both internally and to the regulator as per the mandate Timely updation and board approval for data privacy policy No adverse observations in internal/external audits Timely completion of data privacy trainings for all eligible users Timely remediation of any findings or recommendations made by any of the internal or external assessors as part of privacy impact Adherence to data privacy policy within the organization Qualifications: 10-12 years of post qualification experience. Relevant Experience with respect to the role: At least 05 years of experience in working with privacy laws, including drafting of privacy policies, technology provisions, and working on compliance. One or more certifications related to Privacy, i.e., Certified Information Privacy Professional (CIPP/E), Certified Data Privacy Solutions Engineer (CDPSE),Certified Information Privacy Manager (CIPM), DSCI Certified Privacy Professional, CISSP, DSCI Certified Data Protection Officer (DCDPO) or any other equivalent certification Experience in technical training and in conducting awareness sessions Experience in dealing successfully with different business and external stakeholders Experience working with IT programming or infrastructure, including certification in information security standards Experience in performing audits of information systems, attestation audits and risk assessments Knowledge on how to assess, develop and implement Data Privacy program including drafting of privacy policies, standards, processes, procedures and technology provisions etc.

We are Hiring a Data Privacy Manager for a leading Conglomerate based in Mumbai Education: Bachelor/Masters Degree in Computer Science/ IT /Privacy or any field In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Professional certifications such as ISO 27001:2022 / CISA / CISM / DCPP / DCPLA / CIPP/E, CIPM, CIPT, or equivalent is desirable but not mandatory. This position will lead privacy initiatives and ensure organizational compliance with data protection regulations. He/she should have a deep understanding of privacy concepts, laws and a proven track record in managing privacy programs within complex environments. Lead the development and execution of comprehensive privacy programs, including policies, procedures, templates and Identify gaps in privacy processes- Work with business teams to understand the business's current use of Personally Identifiable Information (PII). Work with Privacy partner to identify gaps and work towards the remedial options suggested. Manage privacy incidents, including breach investigations and reporting. Develop and enhance consent management framework. Oversee vendor and third-party data privacy compliance, including contract negotiations and audits. Improve overall compliance from Data Privacy perspective- Build good connections with peers in BUs and their IT SPOCS. Identify gaps as per applicable privacy law. Improve by implementing appropriate technologies & processes. Serve as the primary point of contact for privacy-related matters for internal stakeholders, data subjects and for regulatory authorities. Monitor and respond to changes in privacy legislation, ensuring the organization adapts to remain compliant. Conduct advanced Data Protection Impact Assessments (DPIAs), and risk assessments to identify and mitigate privacy risks. Prepare and update Records of Processing Activities (RoPAs) mapping the lifecycle of personal data across business processes. Enhance awareness of Privacy initiatives- Use all the channels such as regular communication to all employees, e-modules, workshops, Digi TALKS / relevant stakeholders to keep their awareness level up to date on Data Privacy Build a good connection with stakeholders and drive maximum adoption of overall Privacy initiatives. Prepare mandatory and role-specific privacy training and awareness programs for the organization. Develop and publish metrics- Deliver executive-level reporting on privacy metrics, risks, and program effectiveness. Build and share matrices with CISO and CSC members from Privacy perspective Help CISO to drive Privacy related campaigns Assist with data protection audits and manage privacy risk register for the organization. Special Skills Required Technical Skills: In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Good understanding of data protection technologies such as DLP, Data classification, CASB, Access control etc. Good understanding of Privacy platforms / technologies to meet DPDP Act or other privacy act requirements. Experience in managing privacy programs, incidents and compliance audits.

Establish the Division Data Protection Office. Support Group data protection initiatives and the Group Data Protection Office. Develop, implement, and enforce Group and Division data protection policies and processes. Manage data protection breaches, queries, and complaints in accordance with regulatory requirements. Liaise with regulatory authorities. Providing internal stakeholders advisory on data protection matters (e.g. projects, contracts, disputes, queries, communications). Keep abreast of and monitor developments in Data Protection Law and other areas of law that impact data protection. Create and maintain personal data-related databases, inventories, and registers. Ensure policies and processes comply with law. Develop and review policies to handle personal data in electronic and non-electronic forms. Develop and review processes for handling breaches, queries, complaints and rights requests. Engage internal and external stakeholders on data protection processes and policies. Develop and deliver initiatives to foster a data protection culture among internal and external stakeholders. Perform data protection audits. Conduct data protection risk assessment and develop mitigation strategies. Apprise Division Senior Management and the Group Data Protection Office of data protection matters such as incident reporting and risk management initiatives. Work with Group Risk Management function to mitigate risks (e.g. insurance). Obtain and maintain professional accreditation as required by law. Conduct training, seminar, workshops, and education and awareness campaigns for the Division. Develop data protection collateral and corporate communication material for the Division. Any other functional works as may be assigned from time to time

Security Administration Data Privacy and Data Protection Compliance Risk Management Training & Awareness Performing Regular Audits Incident Response Collaboration & Reporting Administrative Support

1. Key Attributes Minimum 5 years of relevant experience in Data Privacy with overall an experience of 10-15 years Knowledge on Privacy enhanced technologies Excellent understanding of internal processes and systems of various enterprise functions. Quick Learner. Excellent Communication and presentation skills Privacy Certifications such CIPP/CIPT (US/EU/IT), DCPLA, DCPP 2. Competencies Experience in data protection strategies, implementation, and compliance Expertise in data protection laws and practices, including a deep understanding of IT Act 2000, GDPR Hands-on experience in executing data privacy projects/programs Periodic reporting to management on data privacy risk and compliance Strong project management skills Ability to work effectively under pressure and to manage sensitive and confidential information Excellent verbal and written communication skills, with strong attention to detail.