Job
Description
Job Title: Manager - Data Privacy Location: Madhapur, Hyderabad (Work from office only). Candidates looking for remote or hybrid working need not apply. Summary: 1. Will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the DPDPA. 2. The person will be responsible for staff training, data protection impact assessments, and internal audits. 3. He/She will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the organization. Responsibilities: 1. Maintain the DPDPA regulations adherence. 2. Working with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments. 3. Ensure the companys risk register is updated. 4. Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure DPDPA compliance. 5. Create and maintain the Policies and Processes. Review the Process, SOP, blueprint, and guideline documents. 6. Develop methods to monitor and measure risk, compliance, and assurance efforts. 7. Monitor systems development and operations for security and privacy compliance. 8. Identify and correct potential company compliance gaps and/or areas of risk to ensure full compliance with privacy regulations. 9. Perform ongoing privacy compliance monitoring activities. 10 .Implementing measures and a privacy governance framework to manage data use in compliance with the DPDPA, including developing templates for data collection, assisting with data mapping, and vendor management reviews. 11. Serving as the primary point of contact for queries in the Data privacy. 12. Reviewing Customer and vendor contracts and consents. 13. Managing and conducting ongoing reviews of privacy governance framework 14. Monitoring changes to local privacy laws and making recommendations to the Management Committee when appropriate. 15. Setting standards and reviewing policies and procedures globally that meet the requirements under the DPDPA. 16. Developing and delivering privacy training to various business functions. 17. Coordinating and conducting data privacy audits. 18. Collaborating with the Information Security function(s) to raise employee awareness of data privacy and security issues, and providing training on the subject matter. 19. Collaborating with the Information Security function(s) to maintain records of all data assets and exports, and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests 20. Ensuring that the IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data). 21. Working with designated privacy legal team where necessary, outside counsel to help advise on local data privacy law issues. Education: 1) Graduate - Any stream 2) Hold at least one Data Protection and/or Privacy certification such as, CIPP, CIPT, CIPM, Certified Data Protection Officer, etc., (preferred) 3) Security Certifications CISSP, CRISC, CISA, CISM, etc. (optional) Experience: Candidate must have 8-12 years of total experience with 5-7 years of relevant experience Knowledge: 1. DPDPA Audit / Assessments 2. Risk Management 3. Information Security Policy Skills: Manager Data Privacy, IT Risk, GRC
