10 Cipp Jobs

We are seeking an experienced Privacy Professional to join the Worldwide Compliance & Business Ethics (WC&BE) Department of a global pharmaceutical/biotechnology company headquartered in Southern California. This individual will be located in Hyderabad and will play a critical role in supporting Amgen's Privacy Compliance program in Asia, as part of the international privacy compliance team. The role reports directly to the Chief Privacy Officer. Roles and Responsibilities Provide advice, guidance, and/or support to local Compliance professionals regarding: Any data protection issues arising at respective affiliates. Data Protection Authority (DPA) Notifications and Prior Approval submissions. Data Subject Inquiry responses (including access requests and requests for correction or deletion). DPA inquiries and inspections (including advising on filing of DPA Notifications etc.). Audit preparation and remediation . Regional execution of timely self-assessments to detect Privacy and Data Protection gaps and immediate communication of gaps to the Head of Global Privacy (including liaising with business partners and Information Systems to remediate self-assessments and audit gaps). Any needed privacy-related training . Provide advice, guidance, and/or support to the Global Privacy Compliance team regarding: Regional or local privacy regulations and DPA activities pertaining to relevant regions. Local and/or regional privacy risks . Status of the Privacy Compliance program in respective countries on a regular basis. Cross-border issues and assist in the development and implementation of solution-oriented approaches to Privacy and Data Protection compliance in the assigned region and across Amgen. Best practices and how to improve cross-geographical and cross-functional awareness of Privacy and Data Protection. Implementation and identifying any needed improvements in the Privacy Incident Response process in regional affiliates in the assigned region. Enable privacy compliance across various functions by: Providing training together with the WC&BE team, and regular communications on Privacy and Data Protection Compliance to relevant staff. Advising on Privacy and Data Protection issues , including drafting privacy notices, templates, and consents, and ensuring consistency in practices and forms across regions. Collaborating with Law, Corporate Audit, Information Systems, and WC&BE functions regarding Privacy and Data Protection requirements to enable compliance and programmatic improvement. Minimum Requirements LLB or equivalent degree with at least 10 years of legal and/or privacy and data protection experience at a global company in a regulated industry (biopharmaceutical experience preferred), with deep expertise in Privacy and Data Protection. Proven ability to effectively and timely manage multiple initiatives and cross-departmental projects (i.e., strong project management skills). Demonstrated ability to communicate well with business leadership, information systems professionals, and compliance professionals to drive workable solutions. Proven ability to balance multiple priorities simultaneously , and to thrive and deliver in a highly regulated and fast-paced corporate environment. Demonstrated ability to regularly re-prioritize risks, objectives, and action plans based on an evolving corporate and regulatory landscape. Ability to deal well with ambiguity and complex situations . Strong ability to synthesize vast amounts of complex data , and clearly and concisely articulate the relevant points at the right altitude depending on the audience. Demonstrable acumen to collaborate, drive results, and influence cross-organizational stakeholders and decision-makers with different operational and jurisdictional responsibilities. Proven communication, relationship-building, and collaboration skills . Experienced in crisis management and handling . Proven commitment to delivering quality and timely output . Ability to work with key partners to ensure coordination of activities and alignment between security and privacy programs . Strong strategic thinking skills and ability to translate strategy into action plans. Excellent ability to interact and build relationships at all levels of management and staffing across organizational/jurisdictional boundaries. Ability to understand, plan, and navigate in a matrixed environment . Excellent command of English (spoken and written) and public speaking skills. Availability in crisis. Appreciation of the global context of local or regional activities. Additional Competencies/Skills Effective leadership skills. Effective organizational and creative problem-solving skills. Self-starter with a high level of initiative and strong work ethic. Strong understanding of the role of compliance professionals. CIPP certification from the International Association of Privacy Professionals (IAPP) (preferred). High level of integrity in all actions.

Role & responsibilities DLP Operations: Manage day-to-day operations of the DLP solution, including monitoring, incident response, and resolution. Policy and Procedure Development: Develop and configure DLP policies to safeguard sensitive information, in line with regulatory requirements and internal policies. Monitoring Compliance: Ensure compliance with data protection laws and organizational policies, and monitor data movement to prevent unauthorized data access or sharing. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify privacy risks and ensure the organizations data handling complies with regulations. Data Protection Training & Awareness: Assist in the development and delivery of data protection awareness training programs to educate staff on DLP policies and best practices. Vendor & Third-Party Risk Management: Evaluate risks associated with third-party service providers and ensure they comply with DLP policies and practices. Data Governance & Data Stewardship: Support the organizations data governance framework by ensuring effective use, management, and protection of sensitive data. Incident Investigation & Resolution: Conduct investigations into DLP incidents and resolve issues related to data breaches or violations, ensuring proper reporting and remediation. Data Subject Requests (DSR) Management: Assist in managing data subject requests (DSR), ensuring that data handling and deletion requests comply with privacy laws. Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide guidance to delivery and support functions on processing of personal data. Maintain data flow maps for the process where personal data is processed. Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Preferred candidate profile Bachelor's or master's degree in computer science, information systems or relevant field. Around 2-3 years' experience in managing privacy and data protection program for a company or providing privacy and data protection consulting services. Around 6-8 years of overall experience in the area of privacy and Information Security. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate privacy, security and risk-related concepts to technical and nontechnical audiences. Knowledge and understanding of relevant legal and regulatory requirements, such as IT Act 2000, GDPR, BS10012, Data Protection Act of India and other Data Protection standards Knowledge of DADP act and country wise data protection act across Middle East Countries Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives Project management skills: scheduling and resource management Professional privacy engagement certification, such as a Certified Information Privacy Professional (CIPP) or other similar credentials in Data Privacy, is desired Strong understanding of data protection laws, regulatory compliance, and risk management. Ability to handle sensitive information with discretion and professionalism

Your day at NTT DATA The Risk Analyst is a seasoned subject matter expert, responsible for assessing and managing risks to ensure the security, integrity, and resilience of the organization's operations and services. This role involves identifying potential threats, analyzing vulnerabilities, and providing recommendations to mitigate risks. Through proactive risk assessment and collaboration with cross-functional teams, this role contributes to the organization's efforts to maintain a secure and compliant environment. Key responsibilities: Analyzes risk to business activities and operations. Identifies areas of potential loss or damage for current and proposed business and financial operations, processes, structures and cyber-risk exposure and quantifies impact Implements and evaluates compliance with business and cyber risk-reduction policies, processes and standards. May participate in the development and maintenance of disaster recovery and business continuity plans. Supports organizational processes and programs for mitigation of financial risk, including administration of insurance. May support and administer security and health/safety programs in addition to risk management activities. Performs any other related task as required by management. To thrive in this role, you need to have: Strong understanding of risk assessment methodologies, global regulations, and compliance requirements. Proficiency in data analysis tools and techniques for identifying trends, patterns, and potential risks. Excellent analytical skills and attention to detail. Effective communication skills to convey complex risk concepts to a global audience. Cultural sensitivity and adaptability to work across different regions and time zones Strong problem-solving skills and ability to work collaboratively with cross-functional and global teams. Academic qualifications and certifications: Bachelor's degree or equivalent in Business, Information Security, Risk Management or related field. Relevant certifications such as CISM, CRISC, CISSP, CIPP preferred. Required experience: Seasoned years of experience as a Risk Analyst, preferably in a global organization with diverse operations.

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

Job Title: Compliance Officer India Reports to: Compliance Manager / Head of Compliance Function: Risk & Compliance / Governance / Data Privacy Role Summary: The Compliance Officer is responsible for ensuring the organization’s adherence to internal policies, external regulations, certification standards, and risk management frameworks. This role plays a critical part in supporting data privacy, managing document control, ensuring audit readiness, and driving a culture of compliance throughout the organization. The Compliance Officer will also coordinate with cross-functional teams and external stakeholders to promote ethical practices, regulatory adherence, and continuous improvement. In short, the Compliance Officer plays a key role in safeguarding the organization against regulatory breaches and fostering a compliant work environment, complimenting the Business Compliance Manager. Key Responsibilities: Regulatory Compliance & Risk Management Monitor local regulatory developments and ensure internal alignment. Conduct regular compliance risk assessments and implement mitigation plans. Monitor and assess third-party compliance as needed. Audit & Process Compliance Plan and execute internal audits to evaluate adherence to policies and standards (ISO 9001, 27001, 18295, etc.). Support closure of Non-Conformities (NCRs) with root cause analysis and corrective actions. Maintain audit documentation and manage the Internal Audit Cycle (planning to closure). Data Privacy & Security Ensure compliance with applicable data privacy laws, and other contractual obligations. Conduct privacy impact assessments for new processes or tools handling personal data. Collaborate with IT and Legal to implement data protection measures and incident response plans. Document & Policy Management Maintain proper document control practices including versioning, secure storage, and timely updates. Support the creation, review, and implementation of compliance policies and procedures. Ensure adherence to document retention schedules in line with regulatory requirements. Reporting & Escalation Maintain logs of compliance incidents and escalate high-risk issues appropriately. Submit timely reports to leadership and, if applicable, to regulatory authorities. Track key performance indicators related to compliance, such as audit scores, training completion rates, and risk closure timelines. Job Requirements: Education: Bachelor’s degree in Law, Business Administration, Finance, IT, or related field. Master’s degree or legal qualification (LLB/LLM) is an advantage. Certifications Preferred: ISO 9001 / 27001 / 18295 - Internal Auditor Additional certifications if any (e.g. Certified Information Privacy Professional (CIPP) or equivalent) is a significant advantage. Experience: 2–3 years in compliance, audit, risk management, or data privacy roles. Experience with ISO implementation and certification processes. Familiarity with document control, regulatory filings, and internal controls. Skills: Attention to Detail, Strong analytical, audit, and problem-solving skills. Excellent verbal and written communication. Proficiency in compliance tracking tools and Microsoft Office. Good project and time management abilities. Personal Attributes: Ethical mindset with high integrity and discretion. Detail-oriented with strong organizational skills. Adaptable and proactive in a dynamic regulatory environment. Collaborative with cross-functional teams. Adhere to information security and confidentiality protocols. Report suspected breaches, vulnerabilities, or misconduct. Uphold the company’s code of conduct, data handling guidelines, and acceptable use policies. Staying updated on changes to relevant laws and regulations, as well as emerging industry standards. Role & responsibilities Contact Athirai - 7824823891

Key Responsibilities As Privacy Advocate, you'll have a broad range of responsibilities providing legal research and guidance on initiatives impacting international privacy laws and related data protection and security matters. You will partner cross-functionally with our legal, product, engineering, and other teams to advise on privacy law matters and related data uses while managing legal risk and ensuring regulatory compliance. Excellent academic credentials' minimum of 10 years legal experience at a top-tier law firm or in-house. Minimum 10 years of legal practice experience with a focus on data privacy, information security & cybersecurity in a technology-related company, law firm Identify business requirements resulting from new and evolving data privacy and AI laws and regulations, and provide guidance and thought leadership on relevant topics Drive an aligned approach for legal matters involving data protection, data privacy, and data licensing to support the Companys most important business strategies, goals, and objectives In-depth experience working with data protection regulations (such as the GDPR, CCPA, HIPAA, or equivalent) Lead and mentor a team of privacy professionals, fostering a culture of privacy awareness and compliance Serve as the go-to subject matter expert on privacy laws, regulations, and best practices, ensuring the company remains compliant with all relevant standards Provide recommendation to legal team to develop, implement, and maintain privacy policies and procedures Advocate for user privacy within the company, ensuring that privacy considerations are integrated into all aspects of product development and business operations Strong analytical and problem-solving skills. Ability to assess complex privacy issues and develop effective solutions Experienced in handling privacy inquiries, complaints and incidents Sound business judgment, and flexibility/adaptability to handle multiple wide-ranging matters, conflicting deadlines, and new areas of expertise as business needs change Demonstrated ability, in a positive, commercial and practical manner, to identify, prioritize and resolve issues quickly and effectively Qualifications Bachelor's or higher degree in Law or related fields Sound and practical business judgment, intellectual creativity, strong ethical compass, and problem-solving skills Excellent legal research skills Excellent writing skills Certifications in Privacy such as CIPP from organizations like IAPP are a strong plus Experience advising on privacy and data security in commercial transactions a plus Experience driving, prioritizing, and effectively managing cross-functional initiatives, and an ability to both work independently and with multi-stakeholder teams Additional Information At Privaini Software India Private Limited, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We are Looking for candidate who could join our Risk Team to assist in Data Privacy with their knowledge and experience. JOB ROLE The Data Privacy Manager will assist in implementing, maintaining, and monitoring data protection and privacy initiatives across the organization. This role involves ensuring compliance with applicable data protection laws and standards, fostering a privacy-conscious culture, and supporting operational privacy activities. KEY RESPONSIBILITIES Data Protection Program Implementation: Support the DPO in developing and executing the organizations data protection and privacy strategy. Assist in the creation, review, and updates of privacy policies, procedures, and guidelines. Ensure alignment of privacy practices with regulatory requirements and internal frameworks. Compliance Monitoring: Monitor adherence to data protection policies and procedures. Assist in maintaining records of processing activities (ROPA) and other compliance documentation. Conduct regular privacy assessments, audits, and gap analyses. Training and Awareness: Design and deliver privacy training programs for employees. Develop tools and materials to raise awareness about privacy compliance. Provide advice and support to departments on privacy and data protection issues. Data Breach Management: Assist in the identification, assessment, and management of data breaches. Coordinate breach notification procedures in line with legal requirements. Maintain an incident log and track resolution activities. Data Principal Rights Management: Support the DPO in handling data subject access requests (DSARs) and ensuring timely responses. Assist in addressing queries related to privacy rights and data protection practices. Vendor and Third-Party Management: Conduct data protection impact assessments (DPIAs) and third-party risk assessments. Review privacy clauses in vendor contracts and ensure compliance with data protection requirements. Establishing a Privacy Governance Framework: Support in establishing a privacy governance framework within the organization to ensure that the privacy controls are diligently adhered. Collaboration and Stakeholder Engagement: Liaise with IT, legal, HR, and other departments to embed privacy by design and default. Act as a point of contact for internal and external stakeholders on privacy-related matters. MANDATORY SKILLS REQUIRED Analytical skills: Ability to assess privacy risks and design effective technological solutions. Communication and interpersonal skills: Strong communication skills and to collaborate with cross-functional teams and explain technical concepts to non-technical stakeholders. Problem-solving: Demonstrated ability to resolve complex technical privacy challenges. Technical Knowledge: Proficiency in using data protection and GRC tools, Excel/Power BI, and knowledge of AI governance. QUALIFICATIONS Education: Masters/Bachelors degree in Information Security, IT. Certifications: Preferred certifications such as CIPP/E, CIPM, CIPT, CDPSE or equivalent.

Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.

This role will implement and manage data privacy tools and controls, support compliance with UAE and International data protection laws and promote responsible data governance practices across the groups.

Key Responsibilities: Lead implementation of privacy policies and compliance frameworks. Conduct and oversee PIAs, TIAs, and maintain RoPA. Manage data mapping, architecture documentation, and privacy controls. Develop and maintain privacy templates and related documentation. Drive small automation initiatives to support privacy operations. Collaborate with cross-functional teams across legal, IT, and business units. Preferred Qualifications: Deep understanding of global privacy regulations (e.g., GDPR, CCPA). Hands-on experience with Microsoft O365 automation tools. Strong documentation, analytical, and communication skills.