Role Overview:

We are seeking a skilled and proactive Data Privacy Professional with 7-10 years of core experience in privacy compliance, particularly in reviewing Data Processing Agreements (DPAs), EU/UK Standard Contractual Clauses (SCCs), and implementing global privacy regulations such as GDPR, ISO 27701, India's DPDPA, and CCPA.

The ideal candidate will come from a legal academic background with strong exposure to technical and security controls, enabling a holistic approach to privacy governance.

Key Responsibilities:

- Review, draft, and negotiate Data Processing Agreements (DPAs), EU and UK Standard Contractual Clauses (SCCs).

- Identify and mitigate privacy-related risks in contractual arrangements in collaboration with internal legal, procurement, and business teams.

- Lead or support the rollout of GDPR, DPDPA, CCPA, and other global privacy regulations.

- Conduct privacy gap assessments and support remediation strategies.

- Implement data protection frameworks aligned with ISO 27701 and other standards.

- Provide guidance on data privacy and protection laws, especially concerning cross-border data transfers.

- Monitor global privacy law developments and interpret their business impact.

- Assist in policy updates, audits, and external regulatory interactions as needed.

- Work closely with Information Security and IT teams to ensure data handling practices meet privacy and security expectations.

- Recommend privacy-enhancing technologies and oversee implementation of technical safeguards.

- Design and deliver employee awareness programs and workshops on data privacy and internal policies.

- Promote a strong privacy-first culture within the organization.

- Conduct and oversee Data Protection Impact Assessments (DPIAs) for new products, vendors, and systems.

- Identify risks and recommend appropriate mitigations.

Required Qualifications & Skills:

- Bachelor's or Master's degree in Law.

- 7-10 years of relevant hands-on experience in data privacy, with a focus on DPA and SCC reviews.

- Strong expertise in GDPR, DPDPA, CCPA, and ISO 27701 frameworks.

- Solid understanding of technical and organizational security measures.

- Mandatory Certifications: CIPP/E, CIPM, or CIPT.

- Strong interpersonal, negotiation, and stakeholder management skills.

- Proven ability to work cross-functionally across legal, security, IT, and compliance teams.

Preferred Attributes:

- Experience with privacy management platforms such as OneTrust, TrustArc, or similar tools.

- Familiarity with other global privacy regulations.

- Excellent attention to detail, project management abilities, and multitasking skills in a fast-paced environment.