Sr. Analyst, Privacy & GRC
Location: Bangalore
Experience: 4+ Years
About Pocket FM
Pocket FM, founded in 2018, is India's leading audio storytelling platform, transforming the way millions consume stories. Offering high-quality serialized content across genres such as Romance, Drama, Thriller, Fantasy, Sci-Fi, and Mythology in eight languages, Pocket FM has built a strong global presence with over 200 million listeners worldwide. With users spending an average of 120 minutes daily on the platform, it has emerged as one of the fastest-growing audio platforms, rapidly expanding its reach across the US, Europe, LATAM, and Southeast Asia.
Role Overview:
As a Senior Analyst in Privacy, you will be a key contributor in building and maturing Pocket FM's privacy program and compliance posture. You will work closely with legal, engineering, product, and business teams to ensure that user data is handled responsibly, regulatory obligations are met, and privacy is embedded into everything we build. This role is ideal for someone who is passionate about data protection, enjoys navigating ambiguity in a fast-paced environment, and wants to make a tangible impact on how the data of millions of users is protected.
Key Responsibilities:
- Privacy Program Operations: Support the design, implementation, and ongoing management of Pocket FM's privacy program, including policies, procedures, and controls aligned with applicable regulations (e.g., DPDPA, GDPR, CCPA).
- Privacy Impact Assessments (PIAs) & DPIAs: Conduct and manage privacy impact assessments for new products, features, and data processing activities, collaborating with product and engineering teams to identify and mitigate privacy risks early in the development lifecycle.
- Data Mapping & Inventory: Own and maintain records of processing activities (RoPA), data flow maps, and data inventories across the organization.
- Regulatory Compliance: Monitor the evolving global privacy and data protection regulatory landscape and assess the impact of new or amended laws on Pocket FM's operations. Translate regulatory requirements into actionable internal guidance.
- GRC Framework Management: Contribute to the governance, risk, and compliance framework by performing risk assessments, managing control libraries, supporting internal and external audits (e.g., SOC 2, ISO 27701), and tracking remediation efforts.
- Vendor & Third-Party Risk Management: Assess the privacy and security posture of third-party vendors and partners through due diligence reviews, DPAs, and ongoing monitoring.
- Incident Support: Assist in privacy incident response activities, including breach assessment, regulatory notification analysis, and documentation.
- Training & Awareness: Develop and deliver privacy awareness training and communications to foster a culture of data protection across the organization.
- Metrics & Reporting: Define and track privacy and GRC metrics, preparing dashboards and reports for leadership and relevant stakeholders.
- Cross-Functional Collaboration: Serve as a privacy point of contact for product, engineering, marketing, and business teams, providing practical guidance on data handling and privacy-by-design principles.
Required Qualifications:
- 4+ years of experience in data privacy, GRC, or a related compliance/risk management function.
- Strong working knowledge of global privacy regulations, including DPDPA (India), GDPR, and CCPA/CPRA.
- Hands-on experience conducting Privacy Impact Assessments (PIAs/DPIAs), data mapping, and maintaining Records of Processing Activities.
- Familiarity with GRC frameworks and standards such as ISO 27001, ISO 27701, SOC 2, and the NIST Privacy Framework.
- Experience with vendor risk management and assessing third-party data processing agreements.
- Understanding of privacy-by-design and privacy-by-default principles and the ability to apply them in a technology-driven environment.
- Exposure to cloud environments (AWS preferred) and a basic understanding of how data flows through modern web/mobile application architectures.
- Excellent written and verbal communication skills, with the ability to translate complex regulatory language into clear, actionable guidance for non-legal stakeholders.
- Strong analytical and organizational skills, with the ability to manage multiple workstreams and prioritize effectively.
- A proactive, ownership-driven mindset and comfort working in a fast-paced start-up environment.
Preferred Qualifications:
- Privacy certifications such as CIPP/E, CIPP/A, CIPM, CIPT, or CDPSE.
- Experience working with Sourcepoint, OneTrust, BigID, TrustArc, or similar privacy management tools.
- Prior experience in a consumer tech, media, or entertainment company.
- Familiarity with content licensing, digital rights management (DRM), or creator/IP-related privacy considerations.
You can get more updates, insights, and everything behind the scenes at Pocket FM.