Digital - Data Privacy Manager

You will be responsible for leading the development and execution of comprehensive privacy programs at Godrej Enterprises Group. This includes the creation of policies, procedures, and templates, as well as identifying any gaps in privacy processes. Your role will also involve enhancing overall compliance from a Data Privacy perspective and increasing awareness of Privacy initiatives within the organization. As data privacy is considered a fundamental right in India, it is crucial to prioritize this aspect to maintain customer trust, comply with regulations, and prevent any potential legal repercussions from data breaches. The recent "Digital Personal Data Protection Act" further emphasizes the importance of protecting personal data. Your key responsibilities will include working with business teams to understand the use of Personally Identifiable Information (PII), managing privacy incidents and breach investigations, developing consent management frameworks, and overseeing vendor and third-party data privacy compliance. You will also need to build connections with peers in different business units, identify gaps in privacy laws, adapt to changes in legislation, and conduct risk assessments to mitigate privacy risks. To ensure organizational compliance with data protection regulations, you should possess a deep understanding of privacy concepts, laws, and have a proven track record in managing privacy programs within complex environments. It is essential to have a Bachelor's or Master's degree in computer science, IT, or Privacy, along with 8-10 years of experience in Cybersecurity domains and 3-5 years in privacy compliance and data protection. Moreover, having in-depth knowledge of global privacy laws and frameworks such as GDPR, DPDPA, HIPAA, and others, along with technical skills in data protection technologies and Privacy platforms, will be advantageous. Strong communication, analytical, and project management skills are also necessary for this role. Additionally, possessing certifications like ISO 27001, CISA, CISM, or equivalent is desirable but not mandatory. In this role, you will be expected to deliver executive-level reporting on privacy metrics, risks, and program effectiveness, as well as assist with data protection audits and manage the privacy risk register for the organization. Your ability to question the status quo, think innovatively, and interact successfully with all levels of the business will be crucial in driving Privacy initiatives and ensuring compliance with data protection regulations.,