Associate Vice President - Data Privacy - Bank

About Client:

It is India's 1st payment's bank.

Job Description:

Responsibilities:

- Lead and overseeclient's Data Protection programmed and related initiative.

- Manage and monitors compliance with all applicable Data privacy laws, regulations and standards including DPDPA, GDPR etc.

- Perform regular compliance assessments and reporting, i.e. Data Privacy Impact Assessment (DPIA)

- Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable Data protection law, regulations and standards

- Provide periodic and adhoc security awareness training for employees/contractors to increase Data Protection awareness pertaining to their job functions and evaluate training effectiveness

- Recommend and develops KPIs and metrics to evaluate the Data protection / Privacy program and related controls.

- Participate in planning, scheduling and preliminary analysis for all internal and external Data

- Protection / Privacy audits and assessments and maintain list of outstanding audit actions and works with the remediation team to remediate identified gaps

- Oversee process documentation and compliance adherence

Measures of Success:

- Timely implementation of data privacy programs at org level

- Completion of privacy impact assessments as per schedule

- Timely reporting of data privacy incident both internally and to the regulator as per the mandate

- Timely updation and board approval for data privacy policy

- No adverse observations in internal/external audits

- Timely completion of data privacy trainings for all eligible users

- Timely remediation of any findings or recommendations made by any of the internal or external assessors as part of privacy impact

- Adherence to data privacy policy within the organization

Qualifications:

- 10-12 years of post qualification experience.

- Relevant Experience with respect to the role: At least 05 years of experience in working with privacy laws, including drafting of privacy policies, technology provisions, and working on compliance.

- One or more certifications related to Privacy, i.e., Certified Information Privacy Professional (CIPP/E), Certified Data Privacy Solutions Engineer (CDPSE),Certified Information Privacy Manager (CIPM), DSCI Certified Privacy Professional, CISSP, DSCI Certified Data Protection Officer (DCDPO) or any other equivalent certification

- Experience in technical training and in conducting awareness sessions

- Experience in dealing successfully with different business and external stakeholders

- Experience working with IT programming or infrastructure, including certification in information security standards

- Experience in performing audits of information systems, attestation audits and risk assessments

- Knowledge on how to assess, develop and implement Data Privacy program including drafting of privacy policies, standards, processes, procedures and technology provisions etc.