| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Oil & Gas Jobs |
| Banking Jobs |
| Construction Jobs |
| Top Management Jobs |
| IT - Software Jobs |
| Medical Healthcare Jobs |
| Purchase / Logistics Jobs |
| Sales |
| Ajax Jobs |
| Designing Jobs |
| ASP .NET Jobs |
| Java Jobs |
| MySQL Jobs |
| Sap hr Jobs |
| Software Testing Jobs |
| Html Jobs |
| Job Location | Mumbai City |
| Education | Not Mentioned |
| Salary | Not Disclosed |
| Industry | IT - Software |
| Functional Area | SBU Head / CEO / Director |
| EmploymentType | Full-time |
1. Communication with external stakeholders, DPO and data subjects- Act as the key point of contact and cooperate with relevant members of the DPO community on issues relating to personal data processing; o Act as a point of contact for data subjects with regards to significant issues 2. Matters related to organisation and framework related to personal data protection within his / her scope: A. As directed by the DPO, Implement general policies and guidelines on personal data protection and ensure their consistency with the relevant Group policies and guidelines. B. Contribute to the monitoring of the regulatory landscape on data protection regulations and the relevant communication performed by LEGAL. C. Contribute to, and establish as necessary data protection committees at different levels (e.g. ICC, Personal Data Protection and Privacy Committee, etc.)D. As instructed by DPO, implement the overall personal data protection framework on the following topics: - Review and advise on implementation of policies and guidelines on Personal Data Protection and monitor consistency in their implementation (Consent collection process, cross border transfers, management of retention or personal data obsolescence, etc.) - Review and advise on implementation of Privacy by design principles from the design stage and during the life-cycle into all projects, products, services, activities, processes and systems - Provide advice on Privacy Impact Assessment (PIA) (e.g. whether or not to carry out a PIA, what methodology to follow, what safeguards to apply to mitigate any risks to the rights and interests of individuals) and monitor that PIAs are performed correctly - Review and advise on implementation of Personal Data Security principles and management of personal data breaches - Monitor the implementation of Group security strategy in line with Personal Data Protection regulatory requirements - Contribute to risk evaluation in case a personal data breach occurs to ensure in a timely manner: - Appropriate safeguards (technical and organizational) are set-up to mitigate any risks to the rights and interests of the data subjects - Adequate communication and reporting channels are in place to notify the appropriate stakeholders (e.g. management, Data Protection Authorities, data subjects) Oversee the Reporting of personal data breaches to the DPA as per DPO - Contribute to maintenance of the Records of processing activities (Register) - Review and advise on rules regarding record of processing activities - Monitor that the record of processing activities (Register) is kept up to date, filed under the responsibility of the controller / processor, in line with defined rules and make it available upon Data Protection Authorities request - Build and implement an awareness program - Contribute to the promotion of a data protection culture - Ensure that training provided to the employees involved in processing activities are sufficient and refreshed on a periodic basis to maintain data protection awareness E. Under DPO guidance, operate the second level controls and independent testing on personal data protection framework in order to monitor compliance with personal data protection legislation and internal policies and guidelines: - Define and perform risk-based second level of controls on processes related to personal data protection. Assess effectiveness of the 1st Line of Defence (business and IT) controls on Personal Data Protection based on Generic Control Plans defined by the Group This will involve 2LoD controls testing against Local and Group Data Protection requirements for: personal data processed across the organisation; high risk activities, new products and activities which involve personal data and testing of IT systems in addition to testing of business operations. Provide independent reporting and alert on critical points to senior management F. As the DPO , the following key direct responsibilities are also included: Coordinate overall communication with leadership from DPO Provide independent reporting and alert on critical points to the APAC DPO and CRO Contributing Responsibilities Governance & Oversight Contribute to the establishment of ISPL governance within the three lines of defence model in alignment with the Group Risk Management Framework Assist with establishing appropriate risk management governance committees, arrange agendas and chair meetings as appropriate Assist with establishing and oversight of the Operational Risk Management infrastructure and ensure practices are consistent with regulatory expectations and industry sound practices Risk management environment Business Resiliency & Continuity: Oversee and drive the business resiliency and continuity plans to ensure the ability of the Bank and at ISPL to operate on an ongoing basis and limit the losses in the event of severe business disruption. Coordinate with the first and third lines of defence to test these plans to ensure coverage and adequacy. Technical & Behavioral Competencies Professional qualifications relevant to Data Protection (CIPP, CIPM etc.) Strong risk mindset with understanding of applicable regulatory requirements in financial services sector around Information Security Risks (Technology Risk, Business Continuity Risk, etc.) Experience in managing Enterprise Risk and necessary Controls. Experience in conducting Privacy Risk assessment process. Knowledge of Regulatory requirements including Data Privacy Regulations like GDPR, India Data Privacy Law, SEBI and RBI privacy requirements etc. with cross border implications. Must be able to interface and coordinate work efficiently and effectively with business and technology partners. Good team player with strong stakeholder management, relationship building, influencing, facilitating. Good listening and analytical skills including, Being able to come to a thoughtful and business focused conclusion quickly. o Ability to co-operate and work well with others adopting an approachable style.,
Keyskills :
project managementautomationcost controldeliveryltd3rd party relationshipspersonal data protectionrisk management frameworkoperational risk management