Data Privacy Practitioner
DPDP Consultants
2 - 5 years
Pune City
Posted: 29/06/2026
Job Description
About the Role
We are seeking a highly motivated and detail-oriented Data Privacy Practitioner to join our Information Security & Compliance team in Pune. In this pivotal role, you will be responsible for establishing, maintaining, and continuously improving our data privacy and protection framework. You will work cross-functionally to embed privacy-by-design principles across the organization, manage regulatory compliance obligations, and serve as a trusted advisor on all matters relating to data governance, risk, and security.
Key Responsibilities
Data Privacy & Compliance
Design, implement, and maintain a comprehensive Data Privacy Management Program aligned with applicable regulations (DPDPA, GDPR, ISO/IEC 27701).
Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new and existing processes, systems, and products.
Develop, review, and update privacy policies, notices, consent frameworks, and data processing agreements (DPAs).
Monitor and ensure compliance with evolving global data protection regulations and advise business units on regulatory obligations.
Manage data subject requests (DSAR) : including access, rectification, erasure, portabilitywithin stipulated timelines.
Risk Management
Identify, assess, and document data privacy and information security risks across the organization using structured risk methodologies.
Develop and maintain risk registers, risk treatment plans, and mitigation strategies in coordination with the risk and compliance team.
Conduct periodic risk assessments and gap analyses against ISO 27001, NIST, and applicable data protection standards.
Track and report residual risks, Key Risk Indicators (KRIs), and risk remediation progress to senior stakeholders.
Support incident response activities involving personal data breaches from detection and containment to notification and post-incident review.
GRC (Governance, Risk & Compliance) Operations
Operate and administer GRC platforms (e.g., OneTrust, ServiceNow GRC, RSA Archer, MetricStream, or similar tools) to manage compliance workflows, control libraries, and evidence repositories.
Configure and maintain privacy and risk modules within GRC software to automate compliance tracking and reporting.
Generate dashboards, metrics reports, and compliance status updates for leadership and audit committees.
Coordinate internal and external audits, including evidence collection, walkthroughs, and management of audit observations.
ISO 27001 Audit & Information Security
Lead and manage ISO 27001 surveillance and re-certification audits as a certified Lead Auditor.
Develop, review, and update the Information Security Management System (ISMS) documentation policies, procedures, SOA, and control objectives.
Plan and execute internal ISO 27001 audits, prepare audit reports, and track corrective action plans (CAPAs) to closure.
Collaborate with IT, DevOps, and business teams to implement and validate technical and organizational controls aligned with Annex A.
Collaboration & Stakeholder Management
Partner with Legal, HR, IT, Product, and Business teams to embed privacy and security requirements into processes and projects.
Serve as the primary point of contact for internal teams, external auditors, regulators, and third-party vendors on data privacy matters.
Deliver privacy awareness training and workshops to employees across departments.
Support vendor due diligence assessments from a data privacy and security perspective, including third-party risk reviews.
Required Qualifications
Education
Bachelor's degree in Computer Applications (BCA) or Bachelor of Science in Computer Science (B.Sc. CS).
Additional certifications in Information Security or Data Privacy will be a strong advantage.
Experience
3 to 5 years of hands-on experience in data privacy, information security, or GRC roles.
Demonstrated experience working with GRC platforms (OneTrust, RSA Archer, ServiceNow GRC, MetricStream, or equivalent).
Proven experience conducting ISO 27001 audits as a Lead Auditor.
Practical knowledge of data protection regulations including GDPR, India's DPDPA, and related frameworks.
Experience managing data subject rights, consent management, and privacy incident response.
Certifications
ISO 27001 Lead Auditor (mandatory) PECB, BSI, or equivalent accreditation body.
CIPP/E, CIPM, CIPT (IAPP)preferred.
Certified Information Privacy Professional / Manager (CIPM)preferred.
ISO 27701 Lead Implementer/Auditor preferred.
Technical Skills & Tools
Domain Knowledge Domain KnowledgeD Tools & Platforms
GDPR / DPDPA / ISO 27001
Privacy Impact Assessments (PIA/DPIA)
Risk Assessment Methodologies
Data Classification & Governance
Incident Response & Breach Notification
Vendor / Third-Party Risk Management
Tools and Platforms
OneTrust / TrustArc
RSA Archer / ServiceNow GRC
MetricStream / ZenGRC
Jira / Confluence (audit tracking)
MS Office Suite / SharePoint
SIEM tools (awareness level)
Core Competencies
Excellent Communication
Clearly articulate privacy requirements, risks, and audit findings to both technical and non-technical audiences written and verbal.
Proactive Approach
Anticipate privacy and compliance risks before they materialise; independently drive initiatives without waiting to be directed.
Cross-functional Collaboration
Build strong working relationships across Legal, IT, HR, Product, and Business teams to embed privacy into every function.
Analytical Thinking
Ability to assess complex data flows, identify gaps in controls, and translate risk findings into actionable recommendations.
Attention to Detail
Meticulous in documentation, evidence management, audit trail maintenance, and regulatory reporting.
Stakeholder Management
Effectively manage relationships with regulators, external auditors, senior leadership, and technology vendors.
What We Offer
Opportunity to work on a comprehensive, organization-wide privacy and security programme.
Exposure to international data protection regulations and cross-border compliance challenges.
Collaborative, growth-oriented work culture with strong leadership support.
Continuous learning support certifications, training, and conference participation.
Competitive compensation aligned with market standards for Pune.
Services you might be interested in
We Search & Apply Jobs for You!
Our team scans through 1000s of opportunities and applies to roles best suited to your profile
Save 100+ hours and focus on what matters - cracking interviews and landing offers.
