Data Management Specialist

Job Role: Data Management Specialist

Role Overview

Responsible for the end-to-end lifecycle, security, and compliance of PII, biometric, CCTV, and event/exam data handled by the organisation. Ensures adherence to the DPDP Act, ISO 27001, SEBI guidelines, and internal data governance standards.

Key Responsibilities

1. Data Governance & Lifecycle Management

1. Define and implement policies for classification, handling, storage, retention, archival, and destruction of PII, biometric, CCTV, and event/exam data.
2. Ensure proper consent capture, lawful processing, and retention aligned with DPDP requirements.
3. Maintain comprehensive data inventories and mapping across business processes.

2. Privacy Compliance & Regulatory Alignment

1. Drive compliance initiatives under the DPDP Act, SEBI cybersecurity norms, and ISO 27001 data controls.
2. Manage Data Subject Requests (DSRs), including access, correction, withdrawal of consent, and erasure requests.
3. Conduct DPIAs (Data Protection Impact Assessments), privacy risk assessments, and privacy-by-design reviews for new projects.
4. Work closely with the DPO, legal teams, and external auditors.

3. Security Controls & Enforcement

1. Lead implementation and monitoring of DLP, encryption, access controls, and data localisation/cross-border transfer controls.
2. Oversee secure handling of sensitive data across enterprise environments and specialty setups (exams, elections, museums, etc.).
3. Coordinate logs, audit trails, and forensic support for investigations and incident response.

4. Backup, Availability & DR

1. Design and manage secure data backup, retrieval, monitoring, and DR/BCP processes to ensure data integrity and availability.
2. Support audit needs with accurate, timely retrieval of data and metadata.
3. Audit Readiness & Reporting
4. Maintain audit-ready documentation for DPDP, ISO 27001, SEBI, and internal governance.
5. Provide compliance metrics, data handling reports, and insights to leadership and regulatory stakeholders.

Experience Required for the Role:

• B.Tech/B.E. or Master's in Computer science, IT or cyber security.
• 7+ years in data governance, privacy, compliance, or regulated data operations.
• Experience with large-scale PII/biometric/CCTV operations or event/government environments is a plus.
• Proven success in privacy audit readiness, data lifecycle control, and regulatory compliance.

Certifications:

• CIPP/IT or DCPLA, or recognised DPO Certification
• CDMP or ISO 27001 Implementer/Auditor