Cyber Data Risk

SUMMARY:
Undertake privacy and/or data protection implementation and transformation projects and guide client

POSITION INFO:

Duties:

• As a Senior Consultant in our Cyber Application Security team, you will be part of our SAP practice Proactively identify and evaluate implementation of privacy initiatives through monitoring and testing. The role will undertake data protection & privacy impact assessments for relevant projects and with various functions and advise on mitigations to identified privacy risks.
• Work with operations and functional teams to ensure data protection and privacy initiatives are understood and implemented.
• Pro-actively analyze existing operations policies, processes, systems, controls and training material to assess areas for improvement in respect of data protection and make recommendations for change.
• Work with legal team to identify regulatory requirements across jurisdictions related to privacy and data protection.
• Work with legal and other teams to translate regulatory requirements to process improvements and initiatives and drive through completion.
• Develop and support frameworks for monitoring and reporting ongoing compliance with regulation and standards.
• Support internal privacy and compliance audits.
• Review privacy impact assessments completed by the businesses.
• Manage day-to-day privacy issues, such as data security incident responses, data protection agreement consultation, privacy complaints and resolution, subject access requests, management of Regulatory notifications and International Data Transfers.
• Research and analysis on developments in privacy law.
• Support in assessing and implementing privacy and/or data protection enhancements and automation tools and providers.

Preferred 

• B.Tech/B.E/MS/MBA.
• Experience on operating and implementing Privacy Enhancement and Automation tools such as OneTrust, BigID.
• Professional certifications related to GDPR, Privacy (e.g., CIPP) or others such as CISA / ISO27001 LA etc are preferable.
• CIPP/CISSP.
• Functional and non-functional privacy requirements definition and documentation experience.

Criteria:

• Work experience: 4 to 8 years.
• Experience in specific industry verticals is preferred and a thorough understanding of privacy and data protection specific compliance requirements within those verticals.
• Understanding and knowledge of industry standards and industry frameworks (e.g., AICPA/GAPP, PCI, OECD, FIPP, APEC Privacy Framework Etc).
• Understanding of security and privacy laws and regulations both US and Global (e.g., GDPR, MCCs, BCRs, HIPAA, GLBA, PCI, CCPA, CPRA).
• Experience in performing data privacy risk assessments/privacy impact assessments (PIAs).
• Experience in developing data protection and privacy strategies and roadmaps.
• Experience in planning and implementation of data protection and privacy controls.
• Experience in developing data protection and privacy policies, standards, and procedures.
• Experience on Privacy Enhancement and Automation tools such as OneTrust, BigID
• Experience in creating data privacy notice and consent forms, third party/vendor contracts.
• Excellent documentation and communication skills.

NB! This job is now closed. You can apply for other jobs by uploading your CV.