Role & responsibilities
Position Overview:
We are seeking an experienced and dynamic Data Protection Officer (DPO) and Legal Compliance Lead to oversee and uphold data privacy, security, and legal standards across Indian and Moroccan operations of our client. The successful candidate will act as a guardian of data privacy, ensure compliance with global and regional laws such as GDPR, BCR, and emerging AI regulations, and provide comprehensive legal oversight to support business operations.
Core Responsibilities:
1. Data Privacy & Governance:
Regulatory Compliance:
Lead compliance efforts with GDPR, BCR, Indias DPDP Act & Rules, Moroccos data protection laws, and other relevant data privacy regulations.Policy Development:
Design and implement comprehensive data protection policies, procedures, and controls tailored to diverse jurisdictions.Data Mapping & Inventory:
Maintain detailed records of data processing activities across all operational regions.DPIAs & Risk Management:
Conduct Data Protection Impact Assessments (DPIAs), Privacy Risk Assessments, and develop mitigation strategies.Data Breach Management:
Establish and oversee incident response plans, coordinate breach investigations, and communicate with authorities as required.Data Subject Rights:
Ensure mechanisms are in place to handle data subject access requests, rectification, erasure, and portability requests efficiently.
2. AI & Emerging Technologies Compliance:
AI Governance Frameworks:
Develop and monitor policies regarding the ethical use of AI, automation, and machine learning models.Regulatory Monitoring:
Stay updated on evolving AI regulations in relevant jurisdictions, particularly in the EU (e.g., AI Act), UK, and other markets.Risk & Impact Assessments:
Conduct AI-specific impact assessments and ensure transparency and accountability in AI-driven processes.Training & Awareness:
Educate teams on AI ethics, bias mitigation, and compliance standards.
4. Cross-Regional Coordination & Reporting:
Regional Collaboration:
Liaise with regional compliance and legal teams in Europe, UK, Asia, Japan, and other locations to ensure unified compliance standards.Training & Capacity Building:
Conduct regular training sessions for staff on data protection, legal updates, and AI governance.Audit & Monitoring:
Support internal and external audits, prepare compliance reports, and implement corrective actions.
5. Other Legal & Corporate Responsibilities:
Corporate Governance:
Support governance initiatives, including board reporting and regulatory filings.Intellectual Property & Data Assets:
Safeguard company’s proprietary data, software, and intellectual property rights.Legal Dispute Support:
Assist with legal disputes, investigations, and resolution strategies.Policy Advocacy:
Engage with industry bodies and regulators to stay ahead of upcoming legal and compliance trends.Contract Management:
Draft, review, and negotiate legal agreements, including customer contracts, vendor agreements, data processing agreements, and confidentiality agreements.Regulatory Liaison:
Act as the point of contact for local and international regulators, ensuring timely communication and compliance.Legal Advisory:
Provide legal counsel on insurance, financial services, and cross-border data transfer issues.Policy & Procedure Development:
Assist in creating and updating internal policies to reflect current legal and regulatory requirements.
Preferred candidate profile
Educational Background:
Bachelor’s degree in Law (LLB or equivalent); additional certifications in Data Privacy Law (e.g., CIPP/E, CIPM), AI Ethics, or Compliance are highly desirable.Experience:
Minimum of 7 years’ experience in data protection, privacy, and legal compliance roles, with exposure to insurance, finance, or technology sectors.Legal & Regulatory Knowledge:
- Deep understanding of GDPR, BCR, India’s DPDP Act and Rules, Morocco’s data laws (preferable), and other regional legal frameworks.
- Familiarity with AI regulations in Europe, data transfer mechanisms, and cross-border compliance.
Technical Skills:
Ability to interpret complex legal and technical issues, conduct DPIAs, and assess AI models.Communication & Interpersonal Skills:
Excellent written and verbal communication skills; capable of training diverse teams and engaging with regulators.Analytical & Problem-Solving Skills:
Strong ability to analyze legal risks and develop practical compliance strategies.Multicultural Sensitivity:
Experience working across different cultures and legal environments, with a proactive and collaborative approach.
Preferred Attributes:
- Certification in Data Privacy (e.g., CIPP/E, CIPM)
- Experience working in multinational or cross-jurisdictional environments
- Knowledge of insurance and financial services legal landscape, experience in captive centers is added advantage
- Experience with AI ethics and compliance frameworks
