Data Privacy Manager !! 7-12 Years !! Gurgaon WFO

arora.rajat@Sammaancapital.com

Grade:

Sub Department: Data Privacy

Role Summary

Data Privacy Manager

Key Responsibilities

Privacy Compliance Framework

• Lead the design and implementation of the organizational privacy framework aligned with:
• India DPDP Act, 2023
• RBI Guidelines (including cybersecurity and outsourcing guidelines)
• Other relevant industry-specific laws and standards

Governance & Program Management

• Define and implement data privacy policies, SOPs, and governance structures
• Drive DPDP Act readiness programs including consent management, rights enablement, and breach notification mechanisms
• Engage with senior management and department Heads on privacy risks and posture

Data Protection Operations

• Manage the data lifecycledata collection, usage, storage, retention, and disposalwith appropriate controls
• Conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities
• Ensure data minimization, purpose limitation, and storage limitation principles are enforced

Third-Party & Cross-Border Data Oversight

• Evaluate and govern third-party processors and vendors for data privacy compliance
• Draft and manage Data Processing Agreements (DPAs)
• Ensure lawful cross-border data transfer mechanisms and data localization (where required by RBI)

Training, Awareness & Cultural Adoption

• Lead privacy training and awareness programs across the organization
• Embed Privacy-by-Design in product development and business operations

Monitoring & Incident Response

• Establish privacy audit controls, metrics, and KPIs
• Coordinate personal data breach response and regulatory notification processes
• Maintain breach registers and coordinate with InfoSec for threat mitigation

Regulatory Engagement

• Liaise with regulatory bodies and stay current on evolving privacy laws
• Support internal and external audits, including RBI inspections and supervisory reviews

Requirements

Education:

• Bachelor’s/Master’s in Law, Information Security, Compliance, or related fields
• Privacy certifications preferred (CIPM, CDPSE, CIPP/IT, DCPP, ISO 27701)

Experience:

• 7–12 years of experience in privacy, information security, legal or risk functions
• Experience in implementing DPDP Act or GDPR programs, and/or working with RBI regulations

Skills & Competencies:

• Strong understanding of privacy laws (DPDP, IT Act, RBI Master Directions, ISO 27701)
• Stakeholder management and cross-functional leadership
• Excellent communication and training abilities
• Familiarity with tools: DLP, SIEM, consent management, GRC platforms

Preferred Industry Background

• BFSI (Banking, Fintech, NBFC)
  IT/ITeS

Thanks

Rajat Arora

98735 66771

arora.rajat@Sammaancapital.com