19 Cipp Jobs

Conduct current state assessments of Clients Data Privacy program against leading standards/ frameworks such as ISO 27701, NIST DPF, GAPP and applicable privacy laws and regulations. Design Data Privacy Program Strategy and Roadmap. Design and Develop the Data Privacy Framework. Experience with IT/ITES/ CSP, data privacy related experience in such sectors are a Value add. Strong knowledge on global data privacy regulations especially GDPR, Middle East Privacy Laws, and GAPP. Ability to work independently and in a team environment with both the local and global Compliance and Legal teams and the information security teams. Educational Professional Credentials At minimum 4+ experience in Information Security with a minimum of 3+ years of working experience in Data Privacy projects. Bachelors or masters degree in cyber law, IT, computer science, Software engineering, or Data Privacy. Certifications like CIPP, CIPM, ISO 27701 LI are a Value add. Required Knowledge Skills Excellent written and verbal communication skills. Should have knowledge on DPDP Act and GDPR.

Conduct current state assessments of Clients Data Privacy program against leading standards/ frameworks such as ISO 27701, NIST DPF, GAPP and applicable privacy laws and regulations. Design Data Privacy Program Strategy and Roadmap. Design and Develop the Data Privacy Framework. Experience with IT/ITES/ CSP, data privacy related experience in such sectors are a Value add. Strong knowledge on global data privacy regulations especially GDPR, Middle East Privacy Laws, and GAPP. Ability to work independently and in a team environment with both the local and global Compliance and Legal teams and the information security teams. Educational Professional Credentials At minimum 4+ experience in Information Security with a minimum of 3+ years of working experience in Data Privacy projects. Bachelors or masters degree in cyber law, IT, computer science, Software engineering, or Data Privacy. Certifications like CIPP, CIPM, ISO 27701 LI are a Value add. Required Knowledge Skills Excellent written and verbal communication skills. Should have knowledge on DPDP Act and GDPR.

Strong knowledge of Data Privacy and designing & developing framework. Knowledge on the DPDP Act, GDPR, HIPPA. Frameworks such as ISO 27001, NIST DPF, GAPP & applicable privacy laws and regulation.

Key Responsibilities: Lead and collaborate in the formulation of policies related to collection and processing of personally identifiable information based on the Privacy Data Protection Laws of the countries in which the company operates or would like to expand its operations Implement and monitor the data privacy policies and associated processes across functions and business units Proactively partner with functional groups HR CAG CCD Facilities to ensure that the adoption of new technologies processes services and solutions are compliant with the applicable data privacy regulations Assess the development enhancements of internal processes systems and recommend privacy related controls Conduct employee awareness on lawful handling of personally identifiable information as part of their work Technical Requirements: Partner with the product development team in the development of new products including cloud based and recommend privacy related features controls in summary Privacy by Design Review and respond to privacy related sections in the RFI RFQ MSA from clients and collaborate in the feasibility study of privacy related requirements clauses of the prospect in the pre contract sign off stage Advise the delivery teams regarding implementation of the privacy related requirements Conduct employee awareness on lawful handling of personally identifiable information as part of their work Assess subcontracting outsourcing of any processing of personally identifiable information and recommend privacy related controls including inclusion of appropriate clauses in the vendor contract Conduct internal audits Additional Responsibilities: Data Privacy Data governance processes information security Data Privacy laws Standards Experience in Data Privacy matters both as a Data controller and Data Processor Excellent understanding of Delivery operations Quick Learner Excellent Business Communication Preferred Skills: Data Privacy->Data Privacy (General Data Protection Regulation/ Certified Information Privacy Technologist/ DSCI Certified Privacy Lead Assessor/ GDPR/ CIPT/ CIPP/ DCPLA)

Clear EY-GDS Consulting-AI And DATA-Data Governance-Gig Location:Mumbai Other locations:Primary Location Only Salary:Competitive Date:Mar 11, 2025 Job description Requisition ID:1578854 At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY GDS Data and Analytics (D And A) Gig- Data Governance + SQL + Python As part of our EY-GDS D&A (Data and Analytics) team, we help our clients solve complex business challenges with the help of data and technology. We dive deep into data to extract the greatest value and discover opportunities in sectors like Banking, Insurance, Manufacturing, Government Healthcare, Retail, Manufacturing and Auto, Supply Chain, and Finance. The Opportunity We're looking for a Project Delivery expert with experience and strong technology and data understanding of the enterprise data ecosystem and its governance model. The candidate should be proficient in defining strategies to ensure adherence to related policies and standards. This is a fantastic opportunity to be part of a leading firm as well as a growing Data and Analytics team. Key Responsibilities Deploy DQ Queries and Analyze Results: Use statistical analysis, metrics, and insights. Analyze DQ exceptions with data stewards to understand the scope and impact of DQ exceptions. Ensure prioritization of DQ exceptions by impact and aid in the facilitation of remediating issues. Business Analysis: Correlate statistics about issues, aggregate results, and distill important details on root causes or recommendations for permanent fixes. Knowledge of SDLC and issue remediation process. SQL, Python, and Advanced Query Skills: Experience in data quality roles preferred; financial services or relevant industry experience preferred. Data Governance: Define and activate an enterprise approach of controls, processes, metrics, and roles to make our information assets available to those who need them throughout the information lifecycle. These services include policies and processes, information quality, tools strategy, monitoring and enforcement, metrics, and change management. Creating and managing datasets in Collibra. Execute data quality checks in Collibra to ensure the accuracy, consistency, completeness, and reliability of data. Work closely with data analysts and other stakeholders to define data quality rules, set up data quality checks, and monitor ongoing data quality across various business functions. Configure and implement Collibra Data Quality framework and rules within the platform. Define data quality rules and set up automated data quality checks for both structured and unstructured data. Collaborate with data governance teams to align data quality policies with organizational goals. Monitor the performance of data quality rules and checks in Collibra. Track data quality issues and collaborate with data stewards to resolve discrepancies or data issues in a timely manner. Generate and interpret data quality reports from the Collibra platform, including data quality scorecards, issue logs, and dashboards. Work with business units to identify root causes of data quality problems and help implement corrective actions. Work closely with business and IT teams to understand data requirements and quality standards. Familiarity with SQL for querying data and analyzing data quality issues. Experience in data profiling, data cleansing, and data validation techniques. What You'll Do Collaborate with cross-functional stakeholders to gather insights and champion their information governance needs. Develop and mature an industry-leading posture on information governance across the full information lifecycle while incorporating data governance, analytics governance, AI governance, and content governance. Develop a robust operating model that outlines the structure, roles, responsibilities, and processes for effective information governance and governing bodies. Enable governance/oversight and coordination across key stakeholders to ensure accountability and ownership that our information is consumable, protected, and compliant. Define and activate an enterprise approach of controls, processes, metrics, and roles to make our information assets available to those who need them throughout the information lifecycle. These services include policies and processes, information quality, tools strategy, monitoring and enforcement, metrics, and change management. Collaborate with digital and business units to ensure the necessary tools, technologies, and resources are in place to support information governance. Align/enhance existing processes with industry standards, best practices, and regulatory requirements related to information governance. Promote a culture of accountability and compliance within the organization. Support scaling of existing data governance services. What Experience You'll Need Demonstrated experience and strong thought leadership with data and/or information governance strategies, policies, and frameworks from ideation through execution. Maintains a high level of working knowledge regarding industry trends, solutions, best practices, information governance concepts, and process improvement practices. Digitally savvy on how technology can be best utilized to achieve information governance goals. Advanced level understanding of data and/or information governance. Preferably demonstrate knowledge in areas such as records and information management, policies and standards, information lifecycle management, information quality, risk management, and monitoring/enforcement. Experience in the financial services industry preferred. Leading in a matrixed environment on large governance projects preferred. Bachelor's degree in information management, Computer Science, Business Administration, or a related field. Minimum of 10 years of experience in data or information governance, knowledge management, or a related field. What Could Set You Apart Professional certifications in information governance, data management, or related areas (e.g., CIPP, CIPM, CDMP). Experience with governance tools and technologies. Previous experience in information (Data, Content, Analytics) governance. Bachelor's degree in communications, journalism, PR, marketing, or a related program required. 3+ years experience in supporting or creating strategic communication programs. Excellent written and verbal communication skills across multiple channels. Project management and/or change management experience a plus. Background in IT and/or financial services organizations preferred. Ability to work independently across different cross-functional teams. Understanding of industry trends in effective, modern internal communications.

Your Key Responsibilities: - Comprehensive Data Management: Implement and manage a unified data privacy and governance framework using BigID for data discovery and classification, alongside Immuta for policy management and access control. Ensure the framework supports compliance with global data protection regulations and facilitates secure data sharing. Utilize BigID to perform deep scans of the organization's data landscape, identifying and classifying sensitive and regulated data across multiple data sources. Policy Management and Enforcement: Develop robust data access and privacy policies within Immuta, reflecting the organization's commitment to data protection and regulatory compliance. Leverage Immuta's policy-as-code capabilities to automate the enforcement of complex data governance rules, ensuring consistent application across all data usage scenarios. Access Control and Privacy Enforcement: Configure Immuta to enforce dynamic data access controls, ensuring that users can only access data in ways that comply with established privacy policies. Conduct data privacy impact assessments using BigID's risk analysis tools to evaluate the potential risks associated with data processing activities. Monitor and enforce adherence to privacy regulations (e.g., GDPR, CCPA, HIPAA) and internal policies. Data Governance and Compliance Audits: Develop a strategic approach to data governance that leverages the capabilities of BigID and Immuta to maintain a balance between data utility and privacy. Work with legal, compliance, and business units to ensure the data governance framework aligns with regulatory requirements and business objectives. Utilize BigID to perform regular audits of data handling practices, ensuring alignment with the organization's data governance policies and legal obligations. Prepare and present audit findings, leveraging Immuta's reporting capabilities to demonstrate policy adherence and data access transparency. Regulatory Compliance and Reporting: Use BigID to generate reports that demonstrate compliance with data protection laws such as GDPR, CCPA, and HIPAA, highlighting how data is categorized, stored, and protected. Utilize Immuta's reporting features to provide transparency into data access patterns and policy enforcement, supporting compliance audits and regulatory inquiries. Use data-driven metrics to inform decision-making and demonstrate the value of data governance initiatives to senior management. Data Quality Assurance: Collaborate with IT and data teams to implement measures that ensure the accuracy, completeness, and reliability of data within the organization. Use BigID to identify and remediate data quality issues, and leverage Immuta to maintain data integrity through controlled access and usage. Cross-functional Collaboration: Engage with various departments, including IT, legal, HR, and business units, to embed data privacy and governance principles into their operations. Facilitate communication between data owners, users, and IT staff to ensure a clear understanding of data privacy requirements and governance processes. Act as a subject matter expert, providing advice and support on data privacy and governance matters across the organization. Skills and attributes for success Should be a good team player. Excellent verbal and written communication skill. Proficient Documentation and Power Point skills Good social, communication and technical writing skills Should interface with internal and external clients. Strong analytical/problem solving skills. Ability to prioritize tasks and work accurately under pressure to meet deadlines. Should understand and follow workplace policies and procedures. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. To qualify for the role, you must have Bachelor's or master's degree in computer science, Information Systems, Engineering or a related field. At least 5-8 years of experience in supporting Data Privacy & Governance Specialist with expertise in BigID and Immuta platforms Technology. At least 4-6 years of experience in two or more of the following: Information Security concepts related to Data Privacy, Data Governance Specialist and Data Protection. Data Discovery/ Classification Technology or Privacy. Strong understanding of data privacy regulations and best practices, such as GDPR, CCPA, and other global privacy frameworks Extensive experience working with BigID and Immuta, including implementation, configuration, and administration. Proficiency in data discovery, classification, and metadata management. Familiarity with data security and access control concepts. Excellent problem-solving skills and ability to troubleshoot technical issues. Ability to independently research and solve technical issues. Demonstrated integrity in a professional environment. Knowledge of core Information Security concepts related to Data Privacy, Data Governance, Risk & Compliance. Ability to work in and adapt to a changing environment. Extend required support for any reported data protection and privacy incidents such as information breaches and leakages. Ability to communicate in a clear and concise manner. Ideally, you'll also have Professional certificate or be actively pursuing related professional certifications such as the BigID Professional, BigID Expert, CISSP, CIPP/E or other Vendor/Technical certification. To expect some weekend work and 20%-30% travel based on job requirement.

As a Data Privacy Specialist at our organization, you will play a crucial role in identifying and mitigating risks related to Personally Identifiable Information (PII). Your responsibilities will include investigating any data privacy breaches, conducting privacy compliance checks for clients" internal solutions and processes, and reviewing and responding to client privacy requirements. Additionally, you will be involved in implementing and monitoring data privacy policies and associated processes across different functions and business units. In terms of technical requirements, you will be expected to conduct Privacy Impact Assessments for new technology solutions or processes such as BYOD, Biometric Authentication for Physical Security, Smartphone app-based solutions, and Web applications. You will also need to analyze and recommend Privacy by Design principles in new products and platforms. Furthermore, you will have the opportunity to work with our global team, gaining exposure to data privacy regulations across various geographies, clients, technologies, and business processes. Our organization has been recognized as a leader in data privacy in India, exemplified by the DSCI Data Security Council of India Excellence Award we received in 2014 under the Privacy in Outsourcing Sector IT ITeS BPM category. As part of our team, you will also contribute to key privacy initiatives both within India and the international community. Given that privacy as an organizational function is still emerging in India, there is significant potential for growth in this field in the coming years, similar to the evolution of information security a decade ago. We are looking for a candidate with preferred skills in Data Privacy, including expertise in Data Privacy (General Data Protection Regulation), Certified Information Privacy Technologist, DSCI Certified Privacy Lead Assessor, GDPR, CIPT, CIPP, and DCPLA. Join us in this exciting opportunity to make a meaningful impact in the field of data privacy.,

As a member of the team, your primary responsibilities will include identifying and mitigating risks related to Personally Identifiable Information (PII), investigating data privacy breaches, participating in strategic improvement initiatives, conducting privacy compliance checks, reviewing and responding to client privacy requirements, and implementing and monitoring data privacy policies across functions and business units. You will be required to conduct Privacy Impact Assessments for new technology solutions or processes, such as BYOD, Biometric Authentication for Physical Security, Smartphone app-based solutions, and Web applications. Additionally, you will need to analyze and recommend Privacy by Design in new products and platforms. In addition to the core responsibilities, you will have the opportunity to gain exposure to data privacy regulations in various geographical locations, client technologies, and business processes. Infosys, with its corporate headquarters in Bangalore, is a leader in data privacy in India and has received recognition for its excellence in data security. As part of the team, you will lead and participate in key privacy initiatives both locally and internationally. Given the evolving landscape of data privacy in India, there is substantial potential for growth in this field in the coming years, similar to the growth experienced in the information security sector a decade ago. Preferred skills for this role include expertise in Data Privacy, General Data Protection Regulation (GDPR), Certified Information Privacy Technologist (CIPT), DSCI Certified Privacy Lead Assessor, Certified Information Privacy Professional (CIPP), and Data Privacy Compliance Leader Accreditation (DCPLA).,

Role Description This is a full-time on-site role for a Data Privacy Consultant located in Riyadh. The Data Privacy Consultant will be responsible for overseeing privacy regulations, developing privacy policies, ensuring data privacy compliance, and implementing cybersecurity measures. Qualifications Privacy Regulations and Privacy Policies knowledge Data Privacy and Privacy Compliance expertise Cybersecurity skills Experience in data protection laws and regulations Strong analytical and problem-solving skills Excellent communication and interpersonal abilities CISSP, CIPP, or other relevant certifications are a plus Bachelor's degree in Information Technology, Computer Science, or related field Some keywords to search for: Data Sharing / Data Transfer / Control Framework / Data Minimisation / Scrambling / Obfuscation Data Reclassification / Data Masking / Data Residency / Cross-Border Data Sharing / Privacy Operationalisation / Data Cybersecurity Controls / Cybersecurity Risk Assessment / Data Loss Prevention / Controlled sharing Strong English language communication is important Experience working with regulation e.g. GDPR/CCPA and bonus points if with KSAs PDPL / NCA Experience with Banks in similar role preferred

We are seeking an experienced Privacy Professional to join the Worldwide Compliance & Business Ethics (WC&BE) Department of a global pharmaceutical/biotechnology company headquartered in Southern California. This individual will be located in Hyderabad and will play a critical role in supporting Amgen's Privacy Compliance program in Asia, as part of the international privacy compliance team. The role reports directly to the Chief Privacy Officer. Roles and Responsibilities Provide advice, guidance, and/or support to local Compliance professionals regarding: Any data protection issues arising at respective affiliates. Data Protection Authority (DPA) Notifications and Prior Approval submissions. Data Subject Inquiry responses (including access requests and requests for correction or deletion). DPA inquiries and inspections (including advising on filing of DPA Notifications etc.). Audit preparation and remediation . Regional execution of timely self-assessments to detect Privacy and Data Protection gaps and immediate communication of gaps to the Head of Global Privacy (including liaising with business partners and Information Systems to remediate self-assessments and audit gaps). Any needed privacy-related training . Provide advice, guidance, and/or support to the Global Privacy Compliance team regarding: Regional or local privacy regulations and DPA activities pertaining to relevant regions. Local and/or regional privacy risks . Status of the Privacy Compliance program in respective countries on a regular basis. Cross-border issues and assist in the development and implementation of solution-oriented approaches to Privacy and Data Protection compliance in the assigned region and across Amgen. Best practices and how to improve cross-geographical and cross-functional awareness of Privacy and Data Protection. Implementation and identifying any needed improvements in the Privacy Incident Response process in regional affiliates in the assigned region. Enable privacy compliance across various functions by: Providing training together with the WC&BE team, and regular communications on Privacy and Data Protection Compliance to relevant staff. Advising on Privacy and Data Protection issues , including drafting privacy notices, templates, and consents, and ensuring consistency in practices and forms across regions. Collaborating with Law, Corporate Audit, Information Systems, and WC&BE functions regarding Privacy and Data Protection requirements to enable compliance and programmatic improvement. Minimum Requirements LLB or equivalent degree with at least 10 years of legal and/or privacy and data protection experience at a global company in a regulated industry (biopharmaceutical experience preferred), with deep expertise in Privacy and Data Protection. Proven ability to effectively and timely manage multiple initiatives and cross-departmental projects (i.e., strong project management skills). Demonstrated ability to communicate well with business leadership, information systems professionals, and compliance professionals to drive workable solutions. Proven ability to balance multiple priorities simultaneously , and to thrive and deliver in a highly regulated and fast-paced corporate environment. Demonstrated ability to regularly re-prioritize risks, objectives, and action plans based on an evolving corporate and regulatory landscape. Ability to deal well with ambiguity and complex situations . Strong ability to synthesize vast amounts of complex data , and clearly and concisely articulate the relevant points at the right altitude depending on the audience. Demonstrable acumen to collaborate, drive results, and influence cross-organizational stakeholders and decision-makers with different operational and jurisdictional responsibilities. Proven communication, relationship-building, and collaboration skills . Experienced in crisis management and handling . Proven commitment to delivering quality and timely output . Ability to work with key partners to ensure coordination of activities and alignment between security and privacy programs . Strong strategic thinking skills and ability to translate strategy into action plans. Excellent ability to interact and build relationships at all levels of management and staffing across organizational/jurisdictional boundaries. Ability to understand, plan, and navigate in a matrixed environment . Excellent command of English (spoken and written) and public speaking skills. Availability in crisis. Appreciation of the global context of local or regional activities. Additional Competencies/Skills Effective leadership skills. Effective organizational and creative problem-solving skills. Self-starter with a high level of initiative and strong work ethic. Strong understanding of the role of compliance professionals. CIPP certification from the International Association of Privacy Professionals (IAPP) (preferred). High level of integrity in all actions.

Role & responsibilities DLP Operations: Manage day-to-day operations of the DLP solution, including monitoring, incident response, and resolution. Policy and Procedure Development: Develop and configure DLP policies to safeguard sensitive information, in line with regulatory requirements and internal policies. Monitoring Compliance: Ensure compliance with data protection laws and organizational policies, and monitor data movement to prevent unauthorized data access or sharing. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify privacy risks and ensure the organizations data handling complies with regulations. Data Protection Training & Awareness: Assist in the development and delivery of data protection awareness training programs to educate staff on DLP policies and best practices. Vendor & Third-Party Risk Management: Evaluate risks associated with third-party service providers and ensure they comply with DLP policies and practices. Data Governance & Data Stewardship: Support the organizations data governance framework by ensuring effective use, management, and protection of sensitive data. Incident Investigation & Resolution: Conduct investigations into DLP incidents and resolve issues related to data breaches or violations, ensuring proper reporting and remediation. Data Subject Requests (DSR) Management: Assist in managing data subject requests (DSR), ensuring that data handling and deletion requests comply with privacy laws. Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide guidance to delivery and support functions on processing of personal data. Maintain data flow maps for the process where personal data is processed. Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Preferred candidate profile Bachelor's or master's degree in computer science, information systems or relevant field. Around 2-3 years' experience in managing privacy and data protection program for a company or providing privacy and data protection consulting services. Around 6-8 years of overall experience in the area of privacy and Information Security. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate privacy, security and risk-related concepts to technical and nontechnical audiences. Knowledge and understanding of relevant legal and regulatory requirements, such as IT Act 2000, GDPR, BS10012, Data Protection Act of India and other Data Protection standards Knowledge of DADP act and country wise data protection act across Middle East Countries Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives Project management skills: scheduling and resource management Professional privacy engagement certification, such as a Certified Information Privacy Professional (CIPP) or other similar credentials in Data Privacy, is desired Strong understanding of data protection laws, regulatory compliance, and risk management. Ability to handle sensitive information with discretion and professionalism

Your day at NTT DATA The Risk Analyst is a seasoned subject matter expert, responsible for assessing and managing risks to ensure the security, integrity, and resilience of the organization's operations and services. This role involves identifying potential threats, analyzing vulnerabilities, and providing recommendations to mitigate risks. Through proactive risk assessment and collaboration with cross-functional teams, this role contributes to the organization's efforts to maintain a secure and compliant environment. Key responsibilities: Analyzes risk to business activities and operations. Identifies areas of potential loss or damage for current and proposed business and financial operations, processes, structures and cyber-risk exposure and quantifies impact Implements and evaluates compliance with business and cyber risk-reduction policies, processes and standards. May participate in the development and maintenance of disaster recovery and business continuity plans. Supports organizational processes and programs for mitigation of financial risk, including administration of insurance. May support and administer security and health/safety programs in addition to risk management activities. Performs any other related task as required by management. To thrive in this role, you need to have: Strong understanding of risk assessment methodologies, global regulations, and compliance requirements. Proficiency in data analysis tools and techniques for identifying trends, patterns, and potential risks. Excellent analytical skills and attention to detail. Effective communication skills to convey complex risk concepts to a global audience. Cultural sensitivity and adaptability to work across different regions and time zones Strong problem-solving skills and ability to work collaboratively with cross-functional and global teams. Academic qualifications and certifications: Bachelor's degree or equivalent in Business, Information Security, Risk Management or related field. Relevant certifications such as CISM, CRISC, CISSP, CIPP preferred. Required experience: Seasoned years of experience as a Risk Analyst, preferably in a global organization with diverse operations.

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

Job Title: Compliance Officer India Reports to: Compliance Manager / Head of Compliance Function: Risk & Compliance / Governance / Data Privacy Role Summary: The Compliance Officer is responsible for ensuring the organization’s adherence to internal policies, external regulations, certification standards, and risk management frameworks. This role plays a critical part in supporting data privacy, managing document control, ensuring audit readiness, and driving a culture of compliance throughout the organization. The Compliance Officer will also coordinate with cross-functional teams and external stakeholders to promote ethical practices, regulatory adherence, and continuous improvement. In short, the Compliance Officer plays a key role in safeguarding the organization against regulatory breaches and fostering a compliant work environment, complimenting the Business Compliance Manager. Key Responsibilities: Regulatory Compliance & Risk Management Monitor local regulatory developments and ensure internal alignment. Conduct regular compliance risk assessments and implement mitigation plans. Monitor and assess third-party compliance as needed. Audit & Process Compliance Plan and execute internal audits to evaluate adherence to policies and standards (ISO 9001, 27001, 18295, etc.). Support closure of Non-Conformities (NCRs) with root cause analysis and corrective actions. Maintain audit documentation and manage the Internal Audit Cycle (planning to closure). Data Privacy & Security Ensure compliance with applicable data privacy laws, and other contractual obligations. Conduct privacy impact assessments for new processes or tools handling personal data. Collaborate with IT and Legal to implement data protection measures and incident response plans. Document & Policy Management Maintain proper document control practices including versioning, secure storage, and timely updates. Support the creation, review, and implementation of compliance policies and procedures. Ensure adherence to document retention schedules in line with regulatory requirements. Reporting & Escalation Maintain logs of compliance incidents and escalate high-risk issues appropriately. Submit timely reports to leadership and, if applicable, to regulatory authorities. Track key performance indicators related to compliance, such as audit scores, training completion rates, and risk closure timelines. Job Requirements: Education: Bachelor’s degree in Law, Business Administration, Finance, IT, or related field. Master’s degree or legal qualification (LLB/LLM) is an advantage. Certifications Preferred: ISO 9001 / 27001 / 18295 - Internal Auditor Additional certifications if any (e.g. Certified Information Privacy Professional (CIPP) or equivalent) is a significant advantage. Experience: 2–3 years in compliance, audit, risk management, or data privacy roles. Experience with ISO implementation and certification processes. Familiarity with document control, regulatory filings, and internal controls. Skills: Attention to Detail, Strong analytical, audit, and problem-solving skills. Excellent verbal and written communication. Proficiency in compliance tracking tools and Microsoft Office. Good project and time management abilities. Personal Attributes: Ethical mindset with high integrity and discretion. Detail-oriented with strong organizational skills. Adaptable and proactive in a dynamic regulatory environment. Collaborative with cross-functional teams. Adhere to information security and confidentiality protocols. Report suspected breaches, vulnerabilities, or misconduct. Uphold the company’s code of conduct, data handling guidelines, and acceptable use policies. Staying updated on changes to relevant laws and regulations, as well as emerging industry standards. Role & responsibilities Contact Athirai - 7824823891

Key Responsibilities As Privacy Advocate, you'll have a broad range of responsibilities providing legal research and guidance on initiatives impacting international privacy laws and related data protection and security matters. You will partner cross-functionally with our legal, product, engineering, and other teams to advise on privacy law matters and related data uses while managing legal risk and ensuring regulatory compliance. Excellent academic credentials' minimum of 10 years legal experience at a top-tier law firm or in-house. Minimum 10 years of legal practice experience with a focus on data privacy, information security & cybersecurity in a technology-related company, law firm Identify business requirements resulting from new and evolving data privacy and AI laws and regulations, and provide guidance and thought leadership on relevant topics Drive an aligned approach for legal matters involving data protection, data privacy, and data licensing to support the Companys most important business strategies, goals, and objectives In-depth experience working with data protection regulations (such as the GDPR, CCPA, HIPAA, or equivalent) Lead and mentor a team of privacy professionals, fostering a culture of privacy awareness and compliance Serve as the go-to subject matter expert on privacy laws, regulations, and best practices, ensuring the company remains compliant with all relevant standards Provide recommendation to legal team to develop, implement, and maintain privacy policies and procedures Advocate for user privacy within the company, ensuring that privacy considerations are integrated into all aspects of product development and business operations Strong analytical and problem-solving skills. Ability to assess complex privacy issues and develop effective solutions Experienced in handling privacy inquiries, complaints and incidents Sound business judgment, and flexibility/adaptability to handle multiple wide-ranging matters, conflicting deadlines, and new areas of expertise as business needs change Demonstrated ability, in a positive, commercial and practical manner, to identify, prioritize and resolve issues quickly and effectively Qualifications Bachelor's or higher degree in Law or related fields Sound and practical business judgment, intellectual creativity, strong ethical compass, and problem-solving skills Excellent legal research skills Excellent writing skills Certifications in Privacy such as CIPP from organizations like IAPP are a strong plus Experience advising on privacy and data security in commercial transactions a plus Experience driving, prioritizing, and effectively managing cross-functional initiatives, and an ability to both work independently and with multi-stakeholder teams Additional Information At Privaini Software India Private Limited, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We are Looking for candidate who could join our Risk Team to assist in Data Privacy with their knowledge and experience. JOB ROLE The Data Privacy Manager will assist in implementing, maintaining, and monitoring data protection and privacy initiatives across the organization. This role involves ensuring compliance with applicable data protection laws and standards, fostering a privacy-conscious culture, and supporting operational privacy activities. KEY RESPONSIBILITIES Data Protection Program Implementation: Support the DPO in developing and executing the organizations data protection and privacy strategy. Assist in the creation, review, and updates of privacy policies, procedures, and guidelines. Ensure alignment of privacy practices with regulatory requirements and internal frameworks. Compliance Monitoring: Monitor adherence to data protection policies and procedures. Assist in maintaining records of processing activities (ROPA) and other compliance documentation. Conduct regular privacy assessments, audits, and gap analyses. Training and Awareness: Design and deliver privacy training programs for employees. Develop tools and materials to raise awareness about privacy compliance. Provide advice and support to departments on privacy and data protection issues. Data Breach Management: Assist in the identification, assessment, and management of data breaches. Coordinate breach notification procedures in line with legal requirements. Maintain an incident log and track resolution activities. Data Principal Rights Management: Support the DPO in handling data subject access requests (DSARs) and ensuring timely responses. Assist in addressing queries related to privacy rights and data protection practices. Vendor and Third-Party Management: Conduct data protection impact assessments (DPIAs) and third-party risk assessments. Review privacy clauses in vendor contracts and ensure compliance with data protection requirements. Establishing a Privacy Governance Framework: Support in establishing a privacy governance framework within the organization to ensure that the privacy controls are diligently adhered. Collaboration and Stakeholder Engagement: Liaise with IT, legal, HR, and other departments to embed privacy by design and default. Act as a point of contact for internal and external stakeholders on privacy-related matters. MANDATORY SKILLS REQUIRED Analytical skills: Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills: Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving: Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge: Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance. QUALIFICATIONS Education: Masters/Bachelors degree in Information Security, IT. Certifications: Preferred certifications such as CIPP/E, CIPM, CIPT, CDPSE or equivalent.

Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.

This role will implement and manage data privacy tools and controls, support compliance with UAE and International data protection laws and promote responsible data governance practices across the groups.

Key Responsibilities: Lead implementation of privacy policies and compliance frameworks. Conduct and oversee PIAs, TIAs, and maintain RoPA. Manage data mapping, architecture documentation, and privacy controls. Develop and maintain privacy templates and related documentation. Drive small automation initiatives to support privacy operations. Collaborate with cross-functional teams across legal, IT, and business units. Preferred Qualifications: Deep understanding of global privacy regulations (e.g., GDPR, CCPA). Hands-on experience with Microsoft O365 automation tools. Strong documentation, analytical, and communication skills.