7 Dpdpa Jobs

Key deliverables: Develop and implement privacy program components and support DPDPA compliance Conduct DPIAs, privacy risk assessments, and manage data protection controls Act as key privacy advisor across functions, ensuring alignment with evolving laws Handle privacy incidents, data subject requests, and monitor third-party risk Role responsibilities: Support policy drafting, consent framework enhancements, and training programs Monitor global privacy regulations and assess organizational impact Review vendor contracts for privacy compliance and oversee data inventory Coordinate privacy audits, gap analysis, and remediation initiatives across teams

Key deliverables: Implement and maintain data privacy programs aligned with DPDPA and global standards Conduct DPIAs, risk assessments, and consent framework audits Review privacy clauses in contracts and manage third-party privacy risks Support privacy incident response and internal training programs Role responsibilities: Advise business teams on privacy practices and legal compliance Monitor privacy regulations and assess organizational impact Maintain data inventory and support data discovery processes Handle data subject requests and enhance privacy awareness across teams

Managing GRC, IT/IS audits, Data Privacy SEBI/RBI Cyber security framework, Data privacy, GDPR NCIIPC guidelines, NIST framework Managing IT/ Technology audit Program management for DPDPA, ISO 27701:2019 compliance SIEM, PAM, DLP, EDR, DAM, AntiAPT

We are Hiring a Data Privacy Manager for a leading Conglomerate based in Mumbai Education: Bachelor/Masters Degree in Computer Science/ IT /Privacy or any field In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Professional certifications such as ISO 27001:2022 / CISA / CISM / DCPP / DCPLA / CIPP/E, CIPM, CIPT, or equivalent is desirable but not mandatory. This position will lead privacy initiatives and ensure organizational compliance with data protection regulations. He/she should have a deep understanding of privacy concepts, laws and a proven track record in managing privacy programs within complex environments. Lead the development and execution of comprehensive privacy programs, including policies, procedures, templates and Identify gaps in privacy processes- Work with business teams to understand the business's current use of Personally Identifiable Information (PII). Work with Privacy partner to identify gaps and work towards the remedial options suggested. Manage privacy incidents, including breach investigations and reporting. Develop and enhance consent management framework. Oversee vendor and third-party data privacy compliance, including contract negotiations and audits. Improve overall compliance from Data Privacy perspective- Build good connections with peers in BUs and their IT SPOCS. Identify gaps as per applicable privacy law. Improve by implementing appropriate technologies & processes. Serve as the primary point of contact for privacy-related matters for internal stakeholders, data subjects and for regulatory authorities. Monitor and respond to changes in privacy legislation, ensuring the organization adapts to remain compliant. Conduct advanced Data Protection Impact Assessments (DPIAs), and risk assessments to identify and mitigate privacy risks. Prepare and update Records of Processing Activities (RoPAs) mapping the lifecycle of personal data across business processes. Enhance awareness of Privacy initiatives- Use all the channels such as regular communication to all employees, e-modules, workshops, Digi TALKS / relevant stakeholders to keep their awareness level up to date on Data Privacy Build a good connection with stakeholders and drive maximum adoption of overall Privacy initiatives. Prepare mandatory and role-specific privacy training and awareness programs for the organization. Develop and publish metrics- Deliver executive-level reporting on privacy metrics, risks, and program effectiveness. Build and share matrices with CISO and CSC members from Privacy perspective Help CISO to drive Privacy related campaigns Assist with data protection audits and manage privacy risk register for the organization. Special Skills Required Technical Skills: In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA, HIPAA, and others. Good understanding of data protection technologies such as DLP, Data classification, CASB, Access control etc. Good understanding of Privacy platforms / technologies to meet DPDP Act or other privacy act requirements. Experience in managing privacy programs, incidents and compliance audits.

Mandatory Skill Must Have : - Data Privacy + Security Job overview : As a Privacy Operations Personnel, you are required to have a deep understanding of data protection regulations. You will be responsible for conducting Privacy Impact Assessments (PIA), performing audits of data privacy practices, and implementing data protection initiatives across the organization. Key responsibilities include providing training and conducting workshops to raise privacy awareness, responding to data breaches, managing data subject rights requests, and ensuring compliance with consent management protocols. Additionally, the role involves supporting privacy champions, maintaining records of processing activities, assessing third party risks, and implementing privacy enabling technologies to safeguard data integrity and compliance across all data handling processes. Key Responsibilities: 1. Identify compliance review requirements with DPO, conduct periodic reviews. 2. Periodically update data privacy and protection policy, procedures in compliance to the applicable laws and regulations. 3. Identify privacy training needs, develop privacy training programs aligned with data protection laws, obtaining approval on training objectives. 4. Conduct periodic training sessions with HR and department level Privacy Champions, to create awareness about data privacy and protection. 5. Maintain records of processing activities documents for all personal data processing activities. 6. Conduct Privacy Impact Assessments (PIA) for all personal data processing activities and Data Privacy Impact Assessments, as required. Update Privacy Risk Register, and report delays to DPO. 7. Assist the Legal team and Business Owners in drafting privacy notices, cookie policy, consent banners, etc. 8. Drive Privacy by Design principles, aiding business owners, Technology, and IT team. 9. Handle data subject rights requests, update request register, and communicate responses. 10. Ensure Third Party Risk Management Procedure compliance with regulations. 11. Assist Procurement in third party risk assessments, negotiate agreements, and perform due diligence. 12. Conduct due diligence on third parties' practices from a data privacy and protection standpoint, establish Data Processing templates, and verify guarantees. Required Qualifications and Skills: Bachelors degree in law, Information Security, or related field (masters degree preferred). Certification in data protection (e.g., CIPP/E, CIPM) highly desirable. Strong understanding of data protection laws and regulations (e.g., DPDPA, GDPR). Excellent communication and people skills. Ability to work collaboratively with cross functional teams. Meticulous with strong analytical and problem solving abilities. Prior experience in privacy operations or related field preferred. Proficiency in relevant software and tools for privacy management and compliance. Experience Range : - 11-14 Years

Job Purpose: The Security Architect will be responsible for designing, implementing, and maintaining the overall security posture of the NBFC's IT infrastructure, applications, and data. This role involves developing and enforcing security policies, standards, and procedures to protect the organization from cyber threats, ensuring compliance with regulatory requirements, and safeguarding customer data. The Security Architect will work closely with IT, risk management, and business teams to align security strategies with business objectives. Key Responsibilities: Information Security Strategy Develop and implement an organization-wide information security strategy and vision. Align information security initiatives with business goals and objectives. Stay abreast of emerging threats and technologies to adapt the security strategy accordingly. Meeting and Board Presentation Participate in senior management meetings. Present the security strategy and vision to the board. Present risk and mitigation plans to the risk committee. Risk Management Identify, assess, and prioritize information security risks. Develop and implement risk mitigation strategies. Establish risk management frameworks and policies. Security Policies and Procedures Develop, implement, and enforce information security policies and procedures. Ensure compliance with relevant laws, regulations, and industry standards. Promote security awareness and education throughout the organization. Incident Response and Management Develop and maintain an incident response plan. Lead and coordinate responses to security incidents. Conduct post-incident reviews and implement improvements. Security Architecture Design and implement a robust information security architecture. Evaluate and select security technologies and tools. Ensure the integration of security measures into the organization's IT infrastructure. Security Awareness and Training Develop and implement security awareness programs for employees. Provide training to staff on security policies and best practices. Vendor and Third-Party Risk Management Assess and manage the security risks associated with external vendors and third-party relationships. Ensure that third-party contracts include appropriate security requirements. Compliance Monitor and ensure compliance with relevant data protection and privacy laws. Coordinate with legal and compliance teams to address regulatory requirements. Ensure compliance with relevant regulatory requirements (e.g., RBI guidelines, DPDPA, Cert-In, etc.). Security Audits and Assessments Conduct regular security audits and assessments. Prepare and maintain documentation for audits and regulatory inspections. Ensure the effectiveness of security controls and measures. Security Governance Establish and chair a security governance committee. Report regularly to executive leadership and the board on the state of information security. Budget and Resource Management Develop and manage the information security budget. Allocate resources effectively to support security initiatives. Collaboration and Communication Collaborate with other senior executives to integrate security into overall business strategies. Communicate effectively with stakeholders about the importance of information security. Provide guidance and training to employees on security best practices and awareness.

Role- Data Protection Location: Bangalore, Hyderabad,Mumbai , Pune, kolkata, chennai and Gurgaon Exp- 3-9 yrs Qualifications and Experience Required: B.E. / B. Tech / MBA Demonstrated experience in designing and implementing technology and process solutions to reduce the potential risk of data compromise Understanding of the entire ecosystem of data protection including well-rounded understanding of the information security domains and their inter-relations across that ecosystem Minimum 5 years of relevant experience required on Data Protection technologies Strong domain expertise, implementation and/or integration skills in two to four or more (depending on years of experience) of following areas: Data classification and inventory programs including the use of data discovery tools Data Loss Prevention Database activity monitoring Data access governance Cloud Access Security Broker Securing credential repositories and authentication services Systems administration experience with various operating systems such as Windows Server, Unix, and Linux DBA experience with database technologies such as Oracle and Microsoft SQL Understanding of key industry and regulatory requirements such as PCI, HIPAA, NIST Cyber Security Framework, NERC, or FFIEC requirements Demonstrated ability to identify and address internal and external client needs, including: Demonstrated problem solving and critical thinking skills Working collaboratively with clients to design and implement process and technology solutions Able to build solid, trust - based relationships with stakeholders Excellent verbal and written communication Willingness to travel Preferred: • CISSP, or equivalent certification desired • Technical skills including scripting - Python/JAVA/ASP/C#, Coding frameworks • Data protection product certifications • Previous experience with cyber incident response