Data Privacy Specialist - IT

Job Summary :

Data Privacy Specialist help organization implement best practices for data privacy and security, maintain compliance with privacy laws and regulations, and conduct risk assessments to identify potential privacy threats. They also advise on privacy-related issues, develop privacy policies and procedures, and manage data breaches.

Responsibilities :

- Provide expert advice and guidance to employees and Corporate & Business teams across the regions in relation to data protection and privacy

- Develop and participate in implementation of client initiatives focused on the reduction of technology risk, governance and compliance to policies and external regulatory compliance

- Develop and maintain comprehensive internal data protection policies and procedures, consistent with regulatory requirements

- Performing and investigating internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.

- Documenting and reporting control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.

- Regularly monitor and report on changes in data protection obligations. Perform a gap analysis in relation to new legislation, regulatory guidance and/or compliance frameworks, and oversee the implementation of applicable requirements across the business

- Document action plans to address identified privacy risks and maintain an up-to-date privacy risk register

- Lead, as required, and maintain cross-functional working groups to coordinate privacy efforts, including current projects and initiatives and regulatory awareness

- Manage data subject rights requests and privacy-related complaints

- Act as the point of contact for internal and external data protection audits

- Work with all key business areas, and support functions to ensure data privacy issues are considered at the outset of new projects, products, and initiatives

- Handle personal data incidents and provide subject matter expertise to assess the impact of the incident and measures for mitigating the risk. Where applicable assist with reporting of confirmed breaches to concerned regulatory authorities and impacted data subjects

- Support the development and roll out of privacy training, communications, and awareness campaigns (both mandatory and targeted training) across the organization to reinforce privacy policies, procedures, and practices

- Supports the business in conducting Data Privacy Assessments and Data Protection Impact Assessments (DPIA)

- Cascades information from Data Privacy further into the organization and contributes to best practice sharing

- To conduct Privacy Impact Assessment (PIA) and Data Privacy Impact Assessment (DPIA)

- To provide remediation recommendations including technical solutions regarding the gaps identified

- To provide support for privacy related incident management process, recommendations to incidents, to help in preparation of mitigation plan and to provide support in closing the incident

- To prepare training material and provide training about maintaining required data privacy standards while collecting, storing, processing and destruction of data

Qualification :

Technology Stack: Data Privacy, Information Security Regulatory & Compliance, CIPP, CIPM, CIPT, CDPSE, DCPP

Experience Range: 4 to 8 Years

Education: BE/B. Tech/MCA/M.Sc./MTech