Data Privacy Practitioner

Job in 411001, Pune, Maharashtra, India
Listing for: DPDP Consultants
Full Time position
Listed on 2026-06-22
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security, IT Consultant
Job Description & How to Apply Below
About the Role

We are seeking a highly motivated and detail-oriented Data Privacy Practitioner to join our Information Security & Compliance team in Pune. In this pivotal role, you will be responsible for establishing, maintaining, and continuously improving our data privacy and protection framework. You will work cross-functionally to embed privacy-by-design principles across the organization, manage regulatory compliance obligations, and serve as a trusted advisor on all matters relating to data governance, risk, and security.

Key Responsibilities

Data Privacy & Compliance

▸   Design, implement, and maintain a comprehensive Data Privacy Management Program aligned with applicable regulations (DPDPA, GDPR, ISO/IEC 27701).

▸   Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new and existing processes, systems, and products.

▸   Develop, review, and update privacy policies, notices, consent frameworks, and data processing agreements (DPAs).

▸   Monitor and ensure compliance with evolving global data protection regulations and advise business units on regulatory obligations.

▸   Manage data subject requests (DSARs), including access, rectification, erasure, and portability, within stipulated timelines.

Risk Management

▸   Identify, assess, and document data privacy and information security risks across the organization using structured risk methodologies.

▸   Develop and maintain risk registers, risk treatment plans, and mitigation strategies in coordination with the risk and compliance team.

▸   Conduct periodic risk assessments and gap analyses against ISO 27001, NIST, and applicable data protection standards.

▸   Track and report residual risks, Key Risk Indicators (KRIs), and risk remediation progress to senior stakeholders.

▸   Support incident response activities involving personal data breaches — from detection and containment to notification and post-incident review.

GRC (Governance, Risk & Compliance) Operations

▸   Operate and administer GRC platforms (e.g., OneTrust, ServiceNow GRC, RSA Archer, MetricStream, or similar tools) to manage compliance workflows, control libraries, and evidence repositories.

▸   Configure and maintain privacy and risk modules within GRC software to automate compliance tracking and reporting.

▸   Generate dashboards, metrics reports, and compliance status updates for leadership and audit committees.

▸   Coordinate internal and external audits, including evidence collection, walkthroughs, and management of audit observations.

ISO 27001 Audit & Information Security

▸   Lead and manage ISO 27001 surveillance and re-certification audits as a certified Lead Auditor.

▸   Develop, review, and update the Information Security Management System (ISMS) documentation — policies, procedures, SOA, and control objectives.

▸   Plan and execute internal ISO 27001 audits, prepare audit reports, and track corrective action plans (CAPAs) to closure.

▸   Collaborate with IT, DevOps, and business teams to implement and validate technical and organizational controls aligned with Annex A.

Collaboration & Stakeholder Management

▸   Partner with Legal, HR, IT, Product, and Business teams to embed privacy and security requirements into processes and projects.

▸   Serve as the primary point of contact for internal teams, external auditors, regulators, and third-party vendors on data privacy matters.

▸   Deliver privacy awareness training and workshops to employees across departments.

▸   Support vendor due diligence assessments from a data privacy and security perspective, including third-party risk reviews.

Required Qualifications

Education

▸   Bachelor's degree in Computer Applications (BCA) or Bachelor of Science in Computer Science (B.Sc. CS).

▸   Additional certifications in Information Security or Data Privacy will be a strong advantage.

Experience

▸   3 to 5 years of hands-on experience in data privacy, information security, or GRC roles.

▸   Demonstrated experience working with GRC platforms (OneTrust, RSA Archer, ServiceNow GRC, MetricStream, or equivalent).

▸   Proven experience conducting ISO 27001 audits as a Lead Auditor.

▸   Practical knowledge of data…