Risk _ Cyber Transformation_ Staff 2_BLR
Bangalore (Bangalore Urban) Infra / Networks / Telecom
Job description
Job Summary:
Data Privacy Consultants would be expected to work in one or more of Cybersecurity services which includes data privacy governance, assessment, remediation, policies, procedures, and classification.
Essential Functions of the Job:
· Designing and implementing data privacy programs at our clients supporting their business.
· Evaluating the data privacy practices of our clients.
· Deploying processes and tools to help detect and prevent privacy breaches.
· Conducting Privacy Impact Assessments
· Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation, California Consumer Privacy Act).
· Ensuring a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR security, business functions…).
· Assisting clients in privacy related incident response activities.
· Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst.)
· Analytical/Decision Making Responsibilities:
Should be a good team player.
· Excellent verbal and written communication skill.
· Should interface with internal and external clients.
· Strong analytical/problem solving skills.
· Should prioritize and manage multiple tasks and multiple clients.
· Should understand and follow workplace policies and procedures.
· Should independently managing the assigned project/engagement with minimal oversight/guidance from the manager.
Knowledge and Skills Requirements:
· Good understanding of security and privacy laws and regulations (e.g., IT Act, GDPR, HIPAA, GLBA).
· Exposure to data protection and privacy concepts.
· Exposure to data privacy policies and procedures.
· Familiar with international standards and privacy related regulations: ISO27001/2, PCI DSS, SOX,HIPAA
· Active role on the implementation, assessment, correction and evolution of data protection and privacy requirements of the client's organization.
· Good understanding of data subject request handling, creation and population of RoPA, PII related incident management/ data breach, etc.
· Create, implement, manage and review data privacy processes, policies and procedures within area of responsibility to ensure compliance with existing appropriate laws.
· Understand the overall status of privacy undertakings within the client's company portfolio and requirements.
· Maintain current data protection and privacy expertise, skills and competences.
· Monitor and report privacy compliance status and key privacy risks as well as noteworthy trends and changes in the client's business environment.
· Perform initial and periodic data risk assessments and recommends mitigation and remediation efforts proactively and as requested by the management. Conducts related ongoing compliance monitoring activities in coordination with the client's other compliance and operational assessment functions.
· Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
· Extend required support for any reported data protection and privacy incidents such as information breaches and leakages.
· Ability to communicate in a clear and concise manner.
Other Requirements:
· Job involves travel of more than 50%.
Job Requirements:
Education:
· Bachelor's or Master’s Degree in IT, Law or anything in between that demonstrates your interest in the data privacy domain.
Experience:
· At least 2-4years of experience in Data Privacy implementation, assessments, etc.
Certification Requirements:
· CIPP/CIPM (Desired)
· European Privacy Seal(EuroPriSe) (Desired)
· ISO 27001 (Lead auditor /implementer) (Desired)
· CISSP /CISA /CISM / CIA / CRISK(Desired)
· ISO 22301, ISO 31000, ISO 9000(Desired)