CYBER SECURITY STRATEGY AND GOVERNANCE

Manager - Data loss / Privacy Protection

Job Role :

- To create privacy framework based on compliance requirements like GDPR, IDPR, etc.

- To map regulatory requirements as per the requirements of data controller and data processor

- To conduct Privacy Impact Assessment (PIA) and Data Privacy Impact Assessment (DPIA)

- To create and update security & privacy policies, procedure, good practices and notices

- To assess applications, vendors, infrastructure, cloud services and processes for compliance as per security and privacy requirement

- To identify the risks associated with the assessed solution or process and rate the same inline to the risk rating methodology as defined by the client organization. If required, to help the client with coming up with a risk rating m

- To provide remediation recommendations including technical solutions regarding the gaps identified

- To provide support for privacy related incident management process, recommendations to incidents, to help in preparation of mitigation plan and to provide support in closing the incident

- To prepare training material and provide training about maintaining required data privacy standards while collecting, storing, processing and destruction of data

- To help with the development of data classification guidelines

- To create policies for data classification and classify data as per the data classification guidelines

- To understand the business, to analyze the data life cycle and accordingly create data flow maps

- To implement data leakage prevention tool based on defined business, security and regulatory requirements

- To provide assurance regarding Data Loss Prevention and other monitoring tools, efforts and related investigations and remediation actions

- To provide support in monitoring of all loss mitigation systems and processes, detecting and addressing any system or process deficiencies

- To assist in the process of identification and creation of inventory of sensitive information that is being stored, processed or transmitted internally and to a variety of audiences, including customers, vendors, employees, etc.

- To manage a team size of 4 or more members

- To create project plan as per the agreed upon scope of work

- To track the health of projects to ensure they are on track. To take necessary actions in case of any anticipated roadblocks or issues

- To guide the team members to help them progress as per the project plan and also to help them work on their annual goals

Preferred Qualifications :

Education :



Essential : Graduate

Desirable : B.E

Experience :

- Total of 7-10 years of experience in information security is required

- Minimum 2 years of experience in data privacy is required

- Experience of working with McAfee, Symantec, etc. for DLP and DRM is required

- Experience of working with privacy tools like One Trust is preferred

- Has a good understanding and knowledge about Software Development Lifecycle (SDLC)

Certification :

- Essential: ISO 27001, CIPPE/ CIPT/ CIPM

- Desirable: CISSP, CISA

Skills & Abilities :

Essential :

- Good Analytical skills, Able to articulate and correlate. Sound Technical knowledge, strong team player and can manage a team when required

Desirable : Able to work for long extended hours

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.