Manager - Data Privacy

Responsibilities

• Strategize and provide vision, governance, compliance, and road-map and upgrade data privacy and protection program/practice continuously
• Sustain, Update, and improve privacy programs including processes, policies, and guidelines per various privacy regulations like GDPR (EU & UK), CCPA, IDPR, LGPD, DPDP, and sustenance of ISO 27701 Latest.
• Perform auditing and compliance activities to ensure privacy framework effectiveness and provide recommendations for improvement Managing customer requirements and business support for privacy and data protection
• Conducting Privacy Assessment/Privacy Impact Assessment, suggest suitable corrections.
• Upgrade, sustain, and improve  various processes and implement controls applicable for privacy and data protection requirements for various country-specific privacy laws including but not limited to i.e., GDPR, LGPD, CCPA, PDPB, ISO 27701, and SOC 2 Type 2 (SSAE 18)
• Provide necessary training and charter to all the Zeta teams, stakeholder management,  legal and marketing, and Business
• Close coordination for Business Support, agreements, and contracts. Responsible for third-party risk assessments concerning privacy
• Privacy GRC Implementation and automation Ensure all the services, as well as operations, are Privacy compliant from processor and controller perspective
• Review relevant data privacy laws and provide inputs on product implementation on Privacy as a Subject Matter Expert and address various data privacy continuously into products and services as Controller, Processor and sub processor. Review, upgrade, and implement  Privacy guidelines from RBI, NPCI, and DPDP for India and other Geo regulations for  EU, UK, and USA. 
• Monitor and measure privacy program implementation through internal audits, management reviews, and metrics.
• Act as DPO, handling privacy incident management, breach management, and data subject rights (DSR) management. 
• Liasoning with customers, external entities, and regulators for privacy and data protection-related issues.
• Management reporting and escalation management and timely intervention to avoid privacy incidents or breaches.
• Represent Zeta and Privacy forums
• Maintaining ISO 27001, PCI DSS, SSAE 18, GDPR, UIDAI etc. Security and Compliance Standards.

Skills

• Thorough understanding of various Data privacy regulations and privacy concepts
• Privacy Certifications like CIPP, CIPT, DCPP, and DCPLA preferably10  to 15  years of overall experience in Security and Privacy implementation in BFSI/Fin-tech/Payments domain especially the last 5 years as a Privacy Officer/ Privacy Manager or as DPO.
• A good understanding of ISO 27001/2, ISO 27018, NIST CSF, etc is desirable
• Excellent written and oral communication and a penchant for technical documentation

Experience and Qualifications

• Experience of General Data Protection Regulation (GDPR, CCPA, ISO 27701 Latest and DPDP  implementation
• Experience in performing PIA, DPIA, Data mapping etc.
• Experience in Privacy Assessment & Vendor Risk Assessment and respond to client Request for Proposal (RFP)
• Bachelor of Technology (BE/B.Tech), M.Tech or ME in Computer Science, MCA or equivalent is preferred.