7 Cipm Jobs

# Design & implement data privacy programs, conduct audits, manage compliance with GDPR & global laws, and support ISO 27001/27701 implementation. # Collaborate with clients to enhance privacy frameworks and handle incidents & data subject requests Required Candidate profile # Minimum 3 yrs exp in data privacy/security #Strong knowledge of ISO 27001, 27701, NIST, GDPR, CCPA. #Hands-on with assessments, audits, and ISMS. Preferred: CIPM, CIPT, or CIPP/E.

As a business analyst, you will be responsible for: Business Requirements and Specifications : Identify and translate business needs into functional specifications. Documentation : Produce high-quality documentation for requirements gathering, business analysis, and process mapping/optimization. Collaboration: Collaborate with architects, engineers, and analysts in various locations to attain desired outcomes. Project Management & Delivery : Collaborate with Product/Project Managers to develop project plans, identify risks and issues, participate in backlog grooming, prioritize tasks, and assist in iteration planning with the delivery team. Overseeing end-to-end delivery of projects from inception through to completion. Stakeholder Engagement : Lead interactions with global sales and marketing stakeholders. Presentation and Reporting : Prepare presentation materials for senior leadership and support project status monitoring and reporting. Functional Expertise : Develop deep expertise in the specified business areas, stay updated with industry trends, and continuously improve the operating model. User Support and Training : Provide support and training to users on technology platforms and tools. Mentorship : Serve as a mentor or coach to junior business analysts within the team. About you With a solid background in the analysis, design and implementation of complex technology solutions, youre the specialist we need. You: Experience : Minimum 6 years of business analysis experience within the asset management industry or financial services/investment banking industry. Technical Skills & Industry Knowledge: Experience with industry-standard software delivery life cycles, including both in-house built systems and vendor implementations. Experience in Content Management Systems (built inhouse or vendor solution) Working knowledge of databases and SQL queries. A good understanding of the end-to-end asset management process and data. Thorough understanding of different asset classes, including Equity, Fixed Income, and Multi-Assets. Communication Skills : Effective communication and problem-solving skills to explain complex ideas to non-technical audiences. Experience working with senior business stakeholders. Strong problem-solving and teamwork skills. Education & Professional Qualifications: B. Tech B.E. or MBA (Finance) preferred Relevant certifcations such as CFA, FRM, or CIPM being advantageous. Additional Skills (Nice to Have): Familiarity with CRM systems, with Salesforce experience preferred. Experience with sales and marketing tools such as Seismic, Marketo, Medallia, etc. Knowledge of visualization tools like Tableau, Power BI, DOMO, etc. Experience with third-party market data providers like Bloomberg, Morning Star etc. Experience working in data platforms. Experience in decommissioning & replacing legacy systems with strategic systems.

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

We are Looking for candidate who could join our Risk Team to assist in Data Privacy with their knowledge and experience. JOB ROLE The Data Privacy Manager will assist in implementing, maintaining, and monitoring data protection and privacy initiatives across the organization. This role involves ensuring compliance with applicable data protection laws and standards, fostering a privacy-conscious culture, and supporting operational privacy activities. KEY RESPONSIBILITIES Data Protection Program Implementation: Support the DPO in developing and executing the organizations data protection and privacy strategy. Assist in the creation, review, and updates of privacy policies, procedures, and guidelines. Ensure alignment of privacy practices with regulatory requirements and internal frameworks. Compliance Monitoring: Monitor adherence to data protection policies and procedures. Assist in maintaining records of processing activities (ROPA) and other compliance documentation. Conduct regular privacy assessments, audits, and gap analyses. Training and Awareness: Design and deliver privacy training programs for employees. Develop tools and materials to raise awareness about privacy compliance. Provide advice and support to departments on privacy and data protection issues. Data Breach Management: Assist in the identification, assessment, and management of data breaches. Coordinate breach notification procedures in line with legal requirements. Maintain an incident log and track resolution activities. Data Principal Rights Management: Support the DPO in handling data subject access requests (DSARs) and ensuring timely responses. Assist in addressing queries related to privacy rights and data protection practices. Vendor and Third-Party Management: Conduct data protection impact assessments (DPIAs) and third-party risk assessments. Review privacy clauses in vendor contracts and ensure compliance with data protection requirements. Establishing a Privacy Governance Framework: Support in establishing a privacy governance framework within the organization to ensure that the privacy controls are diligently adhered. Collaboration and Stakeholder Engagement: Liaise with IT, legal, HR, and other departments to embed privacy by design and default. Act as a point of contact for internal and external stakeholders on privacy-related matters. MANDATORY SKILLS REQUIRED Analytical skills: Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills: Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving: Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge: Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance. QUALIFICATIONS Education: Masters/Bachelors degree in Information Security, IT. Certifications: Preferred certifications such as CIPP/E, CIPM, CIPT, CDPSE or equivalent.

Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.

This role will implement and manage data privacy tools and controls, support compliance with UAE and International data protection laws and promote responsible data governance practices across the groups.

Technical Consultant OneTrust Privacy Platform Description Governance, Risk & Compliance consulting team is looking for OneTrust certified technical Privacy SMEs to be part of our consulting/professional services division. The candidate must be highly experienced in providing implementation of OneTrust platform inclusive of integration with 3rd party tools and also should have the knowhow of functional aspects of the tool. The OneTrust data privacy consultant will be required to work on global/international consulting as well as technology implementation projects Qualification, Work Experience & Certifications Bachelors/Masters degree or higher in Computer Science, Information Systems or a related field. ONETRUST Privacy Product Certification (Mandatory) Overall IT professional with experience of8+ year At least 6+ yearsof Information Security, Risk Management, Compliance Management and delivery experience. Experience in handling global client stakeholders Excellent Communications & Presentation skills CISA, CISM, CIPM/CIPT, CIPP/E, CIPP/US (at least one certification preferred) Responsibilities Implementation of data privacy requirements using OneTrust platform Build forms, events, workflows, integration with 3rd party products, reports on the OneTrust platform. Oversee the functional and technical implementation and platform adoption for all customer proof of concept projects from start to finish. Technical understanding and experience working with the following concepts: (HTML, CSS, JS • REST APIs • JSON • Scripting :Python, Powershell, Bash, etc) Understanding data privacy stature in client organization Custom make and implement privacy compliance program in client organization Execute data discovery & privacy impact assessment manually as well as using ONETRUST technology platforms. Execute project which involve advise, create & documentation of policies and procedures to help organizations protect their data (e.g. PII, Sensitive data, Financial data etc.) Research and analyze new data privacy regulations evolving across the globe Define technical and business requirements for data privacy and information governance solutions Implement data privacy, information governance, IT and information security related technology products. Perform basic supervisory duties to mentor and coach junior staff. Develop people through effective trainings and certification guidance.