Role Overview:

We are seeking an experienced Data Protection and Privacy Manager, who will be responsible for overseeing the organization's data protection strategy and ensuring compliance with Indian laws such as the Information Technology Act, 2000, and the Personal Data Protection Bill.The DPPM will work closely with DPO and regulatory authorities to ensure that sensitive data is processed securely and ethically. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards and law.

Key Responsibilities:

• Legal Compliance: Ensure adherence to data protection laws, including local DPDPA, IT Act and international regulations like GDPR.
• Policy Development: Formulate and implement data protection policies and guidelines across the organization.
• Data Breach Management: Investigate and report data breaches to relevant authorities within the stipulated timeframe.
• Training & Awareness: Conduct training sessions for employees on data protection practices and raise awareness about privacy policies.
• Impact Assessments: Perform Data Protection Impact Assessments (DPIA) to identify risks and recommend mitigation strategies.
• Grievance Redressal: Act as the point of contact for data principals (individuals) for grievances related to data handling or privacy violations.
• Recordkeeping: Maintain records of all data processing activities and policies for audit and regulatory purposes.
• Liaison:With regulatory agencies and stakeholders regarding data protection matters.

Qualifications and Experience:

1. Bachelor's degree in Information Security, Computer Science, and Law.
2. Certification in Data Protection or Privacy Management is mandatory, like - CIPM, CDPSE, DCPLA, DCPP and DCDPO
3. 8-10 years of experience in security management.
4. Strong understanding of IT infrastructure , data security best practices, and frameworks.
5. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI).
6. Excellent communication, interpersonal, analytical and leadership skills.
7. Knowledge of emerging technologies, their impact on data protection and ability to handle sensitive information discreetly.