The Data Protection Officer (DPO) is responsible for informing and advising the organisation on applicable data protection obligations, monitoring compliance with privacy laws and internal policies, advising on data protection impact assessments, and serving as a key contact point for data principals and regulatory or supervisory authorities.
The role supports a strong privacy governance framework across the enterprise covering applicable requirements under the EU/UK GDPR, India's Digital Personal Data Protection Act, 2023 (DPDP Act), and other relevant privacy and sectoral obligations. The DPO acts as an independent privacy adviser and monitor; accountability for compliance remains with the organisation and its management.
Reporting and Independence
• Functionally reports to the Board of Directors / concerned C-level Executive.
• Will have to coordinate with the Legal & Compliance function for day-to-day support, budgeting, and workflow alignment.
• Must be able to perform DPO duties independently and without instructions regarding the outcome of privacy advice, investigations, or regulatory interactions.
• Must have access to relevant records, systems, stakeholders, and resources necessary to perform DPO duties effectively.
• Must not hold responsibilities that determine the purposes and means of processing personal data or otherwise create a conflict of interest.
What the Role Needs to Achieve
• Provide independent advice on compliance with applicable data protection and privacy obligations.
• Monitor the organisation's privacy governance framework, controls, and accountability mechanisms.
• Promote privacy by design and privacy by default across products, services, internal processes, and vendor engagements.
• Support timely and compliant handling of data principal / data subject rights requests, grievances, and regulatory matters.
• Advise on privacy risk assessment, breach response, third-party processing risk, cross-border transfer compliance, and records of processing.
• Build privacy awareness across the enterprise and provide periodic reporting to senior leadership / Board.
Roles and Responsibilities
Governance, advice, and monitoring
• Advise the organisation on obligations under the DPDP Act and other applicable privacy or sectoral laws, standards, and contractual commitments, and align with and implement best practices from global standards such as the GDPR.
• Monitor compliance with privacy laws, internal policies, privacy controls, awareness programmes, and assigned accountability measures.
• Review and recommend updates to privacy policies, notices, standards, procedures, and control frameworks.
• Maintain visibility into major processing activities and support ongoing privacy governance, including Records of Processing Activities (RoPA) or equivalent processing inventories, where applicable.
• Advise on and monitor Significant Data Fiduciary (SDF) obligations under the relevant section of the DPDP Act, where the organisation is notified as an SDF, including appointment of an independent data auditor, periodic Data Protection Impact Assessments, and enhanced accountability measures.
Privacy risk assessment and project review
• Advise on Data Protection Impact Assessments (DPIAs), privacy threshold assessments, and similar privacy reviews for new or changed processing activities.
• Review high-risk initiatives, systems, products, and data uses from a privacy compliance perspective before rollout.
• Advise business, technology, HR, procurement, and security teams on privacy by design, privacy by default, lawful basis, minimisation, retention, and transparency requirements.
• Review processing of personal data of persons below eighteen years of age and personal data of persons with disabilities, ensuring verifiable parental / lawful guardian consent mechanisms and restrictions on tracking, behavioural monitoring, and targeted advertising, consistent with the relevant Section of the DPDP Act.
Data principal / data subject rights and grievance handling
• Oversee and monitor the framework for responding to access, correction, erasure, objection, restriction, portability, and similar rights requests as…