Hiring for leading companies / Data privacy manager

 

Job Summary:

The Data Privacy Manager (DPM) is responsible for overseeing the organization's data protection strategy and its implementation to ensure compliance with data privacy laws and regulations in India and other applicable jurisdictions. The DPM will act as a subject matter expert on data protection and privacy matters, ensuring that the company’s data processing activities comply with the law, and advising on data privacy risks and issues.

Key Responsibilities:

Compliance and Governance:

· Develop and maintain a robust data privacy program that aligns with the Information Technology Act, 2000, and other applicable data privacy laws.

· Monitor compliance with data protection laws and internal policies through regular audits and assessments.

· Serve as the point of contact for data protection authorities and individuals whose data is processed (employees, customers, etc.).

Policy Development:

· Draft, implement, and update the organization's data protection policies and procedures.

· Ensure that data privacy policies are integrated into the organization's overall risk management and compliance framework.

Training and Awareness:

· Develop and conduct data protection and privacy training programs for employees and stakeholders.

· Promote data privacy awareness and culture within the organization.

Data Management and Security:

· Collaborate with IT, Business Units, LRM and Security teams to ensure data security measures are in place and effective.

· Manage data breach response processes, including notification and remediation efforts.

Legal and Regulatory Liaison:

· Stay current with changes in privacy laws and regulations and communicate these changes to the relevant stakeholders.

· Advise on contractual and legal matters related to data privacy, including data processing agreements.

Risk Management:

· Conduct data privacy impact assessments (DPIAs) for new projects, systems, or processes involving personal data.

· Identify and mitigate data privacy risks within the organization.

Incident Response:

· Manage and respond to data breaches and data subject access requests (DSARs).

· Ensure timely reporting of data breaches to regulatory authorities and affected individuals as required.

Qualifications:

Bachelor’s degree in law, Information Technology, Business Administration, or a related field. A Master's degree or professional certification (e.g., CIPP/E, CIPM, CIPT) is preferred.

Extensive knowledge of data protection laws, including the Information Technology Act, 2000, and emerging data privacy regulations in India i.e. DPDPA and globally.

Understanding of ISO 27001:2022, ISO 31000

Minimum of 5-7 years of experience in data protection, privacy, compliance, or a related field.

Proven experience in developing and implementing data protection programs.

Skills and Competencies:

Strong understanding of Information technology and data management systems.

Excellent analytical and problem-solving skills.

Exceptional communication and interpersonal skills.

Ability to work independently and as part of a team.

High level of integrity and professional ethics.

INTERNAL DOCUMENT

INTERNAL DOCUMENT

INTERNAL DOCUMENT

 

Location - MUM