Data Privacy Manager - DPDP Specialist

Position - Data Privacy Manager 
Reports too - CRO

Location- Mumbai - Goregaon

Role & responsibilities

A Privacy Manager plays a critical role in ensuring compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act). The position involves overseeing privacy governance, implementing consent and notice frameworks, Policy & Procedures, managing grievance redressal, and acting as the single point of contact with the regulatory body. Core responsibilities include conducting Data Protection Impact Assessments (DPIAs) for high-risk processing, monitoring compliance with retention and erasure norms, handling rights requests, and managing data breaches. The role also requires developing privacy policies, training employees, and embedding privacy by design in financial products and digital platforms.

Functional skills include deep knowledge of the DPDP Act and sectoral regulations (RBI guidelines, SEBI norms are additional), risk assessment, incident management, and familiarity with Technology, IT security controls, encryption, and data governance frameworks. Certifications like DCPP / DCPLA (DSCI), FDPPI privacy certification, CIPM, CIPP/E, and ISO 27001:2022 Lead Auditor, ISO 27701 Implementer are highly valued.

Education Background: Bachelors / Masters degree in law, Cyber Security, Information Technology, Information System

Year of experience: 10 to 14 year of work experience

Soft skills: Strong communication to explain complex privacy concepts to business and tech teams, stakeholder management across compliance, IT, and operations, analytical thinking for risk mitigation, ethical judgment, and leadership to drive a privacy-first culture in a highly regulated environment.

Ensuring compliance & designing

frameworks. • Privacy Manager is responsible for oversight on the Organization data privacy framework and ensuring compliance with applicable laws and regulations • Ensure compliance with the Digital Personal Data Protection Act (DPDPA), IT Act and adherence to all rules, operating guidelines and reporting requirements under these Acts. • Work closely and effectively in collaboration with Central DPO & all functions, to ensure complete compliance and control over the Framework • Ensure the data privacy and protection control and testing framework is built into the organizational ORM framework • Ensure process of communication, reporting and accountability is in place for intimation of “Data breach” to all the affected Data Principals and also to the DPDP Board.

Conduct Assessments & Data Testing

Ensure Awareness