About the Company
To support the Technology Team in ensuring compliance with data protection and privacy regulations, including the Digital Personal Data Protection Act, Reserve Bank of India guidelines, and global standards like GDPR (where applicable), by providing advisory, risk assessment, and governance support.
About the Role
Responsibilities
- Regulatory Compliance & Advisory
  - Advise team (Technology, Digital Banking & Digital Payments) on privacy requirements.
  - Ensure compliance with RBI IT/outsourcing guidelines and DPDP Act.
  - Embed privacy-by-design in new products (mobile apps, digital lending platforms, KYC processes).
- Data Protection Risk Management
  - Identify and assess privacy risks in Tech & Digital Banking processes (KYC, payments, lending, analytics).
  - Conduct and review periodically Data Protection Impact Assessments (DPIAs).
  - Maintain privacy risk register and track remediation.
- Policy & Governance
  - Develop and implement data protection policies, standards, and SOPs.
  - Align technology Policies/framework with standards such as ISO 27001 / 27701.
  - Work with Bank's Data Protection Officer (DPO) in governance activities.
- Third-Party & Vendor Risk
  - Review data protection clauses in vendor agreements (NBFC partners, fintechs, outsourcing vendors).
  - Assess third-party data handling risks, especially for cloud and SaaS platforms.
- Incident & Breach Management
  - Support investigation and response to data breaches (e.g., unauthorized access, data leakage).
  - Ensure regulatory reporting within defined timelines.
  - Conduct root cause analysis and implement corrective actions.
- Stakeholder Management
  - Work closely with: Information Security & IT teams, Legal & Compliance, Digital Banking / Product teams.
  - Translate regulatory requirements into operational controls.
- Training & Awareness
  - Conduct privacy awareness sessions for employees and frontline staff.
  - Drive secure handling of customer data across branches and digital channels.
- SaaS & AI Data Usage Risk Oversight
  - Assess and monitor how SaaS partners and AI service providers collect, process, store, and reuse bank and customer data.
  - Evaluate risks related to:
    - Data residency and cross-border transfers.
    - Model training on bank/customer data (especially for AI/ML providers).
    - Data retention, deletion, and secondary usage.
  - Review AI explainability, bias, and privacy risks in models used for credit scoring, fraud detection, or customer analytics.
  - Conduct periodic audits or assessments of critical SaaS and AI vendors to ensure ongoing compliance.
  - Ensure contractual safeguards (DPAs, confidentiality, data usage restrictions) are in place and aligned with the Digital Personal Data Protection Act and Reserve Bank of India outsourcing/IT guidelines.
  - Work with Information Security teams to validate technical controls such as encryption, tokenization, and access governance.
Qualifications
- Educational Qualifications
  - Essential: Bachelor's degree in Law, Finance, IT, or Cybersecurity
  - Preferred: MBA/LLB
- Professional Qualifications
  - Essential: CIPP / CIPM
  - Preferred: ISO 27001 Lead Auditor / Implementer
- Work Experience
  - 8–12 years of experience in: Banking / Financial Services, Data Privacy / Risk / Compliance / InfoSec
  - Strong understanding of: Banking data flows (KYC, AML, payments, credit lifecycle), Privacy regulations (DPDP, GDPR basics)