Lead and oversee Airtel Payments Banks Data Protection programme and related initiative.
Manage and monitors compliance with all applicable Data privacy laws, regulations and standards including DPDPA, GDPR etc.
Perform regular compliance assessments and reporting, i.e. Data Privacy Impact Assessment (DPIA)
Work with business and technical team members, third party vendors and auditors to ensure adherence to all applicable Data protection law, regulations and standards
Provide periodic and adhoc security awareness training for employees/contractors to increase Data Protection awareness pertaining to their job functions and evaluate training effectiveness
Recommend and develops KPIs and metrics to evaluate the Data protection / Privacy program and related controls.
Participate in planning, scheduling and preliminary analysis for all internal and external Data
Protection / Privacy audits and assessments and maintain list of outstanding audit actions and works with the remediation team to remediate identified gaps
Oversee process documentation and compliance adherence
Measures of Success:
Timely implementation of data privacy programs at org level
Completion of privacy impact assessments as per schedule
Timely reporting of data privacy incident both internally and to the regulator as per the mandate
Timely updation and board approval for data privacy policy
No adverse observations in internal/external audits
Timely completion of data privacy trainings for all eligible users
Timely remediation of any findings or recommendations made by any of the internal or external assessors as part of privacy impact
Adherence to data privacy policy within the organization
Qualifications:
10-12 years of post qualification experience.
Relevant Experience with respect to the role: At least 05 years of experience in working with privacy laws, including drafting of privacy policies, technology provisions, and working on compliance.
One or more certifications related to Privacy, i.e., Certified Information Privacy Professional (CIPP/E), Certified Data Privacy Solutions Engineer (CDPSE),Certified Information Privacy Manager (CIPM), DSCI Certified Privacy Professional, CISSP, DSCI Certified Data Protection Officer (DCDPO) or any other equivalent certification
Experience in technical training and in conducting awareness sessions
Experience in dealing successfully with different business and external stakeholders
Experience working with IT programming or infrastructure, including certification in information security standards
Experience in performing audits of information systems, attestation audits and risk assessments
Knowledge on how to assess, develop and implement Data Privacy program including drafting of privacy policies, standards, processes, procedures and technology provisions etc.