Manager - Digital Trust/Data Privacy & Ethics

Department: Technology Solutions

Location: Mumbai

Experience - 8 Years +

Job Summary:

- As a Manager in the Digital Trust team, you will be responsible for providing strategic guidance and expertise in data privacy and ethics.

- You will play a crucial role in assisting clients in navigating the complex landscape of data protection laws, regulations, and ethical considerations.

- You will work closely with clients to assess their data privacy maturity, develop policies and controls, and ensure compliance with relevant laws and regulations.

- Your role will involve assessing privacy risks, conducting privacy impact assessments, and providing recommendations to help organizations maintain data privacy, ensure ethical data handling practices, and build trust with their stakeholders.

Key Responsibilities:

1. Data Privacy Compliance: Assist clients in understanding and complying with relevant data privacy laws and regulations, such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional data protection laws.

2. Privacy Program Development: Collaborate with clients to develop and implement comprehensive privacy programs, including privacy policies, consent mechanisms, data subject rights processes, and data breach response plans.

3. Privacy Impact Assessments: Conduct privacy impact assessments (PIAs) to identify and assess privacy risks associated with new projects, technologies, or processes, and provide recommendations to mitigate those risks effectively.

4. Data Mapping and Classification: Work with clients to understand their data landscape, conduct data inventories, and classify data based on its sensitivity and regulatory requirements.

5. Ethical Data Handling: Advise clients on ethical considerations surrounding data collection, usage, storage, and sharing, ensuring that their practices align with ethical and governance standards.

6. Employee Awareness and Training: Develop and deliver privacy and ethics training programs to increase employee awareness and promote a culture of privacy and data ethics within organizations.

7. Privacy by Design: Promote the concept of privacy by design and work with cross-functional teams to embed privacy controls and principles into technologies and processes from the early stages of development.

8. Data Subject Requests: Support clients in managing data subject requests, including requests for access, rectification, erasure, and restriction of processing.

9. Regulatory Compliance: Stay up to date with evolving privacy and data protection regulations and provide guidance to clients on compliance requirements and best practices.

10. Client Relationship Management: Build and maintain strong relationships with clients, serving as a trusted advisor and providing valuable insights and guidance on all privacy and ethics-related matters.

Qualifications and Experience:

- Bachelor's degree in Computer Science, Information Systems, Law, or a related field.

- Minimum 8 years of experience in data privacy, data protection, or a related field.

- Solid understanding of privacy laws and regulations, such as GDPR, CCPA, and related frameworks, and their practical application in organizations.

- Familiarity with ethical considerations and frameworks related to data handling and data-driven technologies, such as AI and machine learning.

- Experience in conducting privacy impact assessments, data mapping, and classification exercises.

- Strong knowledge of privacy program development, including policy creation, consent mechanisms, data breach response, and employee training.

- Understanding of IT security principles and practices, as well as their impact on privacy and data protection.

- Excellent analytical and problem-solving skills with the ability to assess risks and provide practical recommendations to mitigate them.

- Exceptional communication and interpersonal skills, with the ability to effectively communicate complex privacy concepts to both technical and non-technical stakeholders.

- Relevant privacy certifications, such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), or equivalent, are highly desired.

- Familiarity with privacy-enhancing technologies and privacy frameworks, such as Privacy-Enhancing Technologies (PETs) and Privacy by Design (PbD), is a plus.