Detailed Position Description:
- Liaise with HCL’s internal stakeholders, business lines and corporate functions to implement controls, policies and procedures through the appropriate technical and technological solutions with a cross functional risk approach.
- Provide expert and practical advice on India applicable laws and other APAC laws and regulations concerning privacy, data protection and data security.
- Monitor privacy and data protection compliance across India & APAC, particularly in the IT and information security functions.
- Maintain an effective framework for the identification and mitigation of privacy and data protection risks in India & APAC.
- Liaise with relevant data protection authorities on matters related to registrations and notifications, complaints from data subjects (employees and costumers’ clients) and management of data protection breaches.
- Assist with investigations into complaints about breaches of Indian and APAC Laws and undertake reporting/remedial action as required.
- Support privacy and data protection training/awareness initiatives in the APAC.
- A minimum of 5-years’ extensive experience on building and/or management of privacy framework / program within any multinational organization(s).
- A minimum of 4-years’ experience of people-management and leading team.
- Desirable (any or all of the following):
- Implementation experience of international privacy and data protection standards like ISO 29100:2011,
- Operational risk management experience including, but not limited to, implementation of models and standards like ISO 31000 etc.,
- Implementation and management of information security framework(s), ISO27001 etc.
- Managing legal & regulatory compliance program.
- Implementation of technology enabled globally established information security standards like PCI-DSS, TRUSTe, et al.
- Professional Qualifications
- A professional cadre privacy certification, from a globally accredited organization, e.g., Certified Information Privacy Professional from IAPP (highly desirable),
- Knowledge and key skills
- Extensive and demonstrable experience on India & APAC data security, privacy and data protection issues, preferably in a consultancy role.
- Knowledge on the regulatory landscape of India & APAC and its dynamics.
- Proven project management skills with a focus on delivery and results.
- Commercial and solutions-led approach to data protection compliance.
- Strong attention to planning, detail and an organised work style.
- Ability to prioritise, deliver to deadlines and to self-motivate.
- Demonstrated ability to think and lead on a strategic level in a complex organization.
- The clear ability to act as an expert on data protection issues.
- Experience in the implementation of privacy requirements in IT companies and, in particular, technology related corporate functions.
- Proven expertise and demonstrable knowledge on executing privacy and data protection Impact Assessments.
- Demonstrable knowledge on ‘privacy by design’ theory.
- A proactive and flexible approach, with a willingness to travel, as required.
- Demonstrable ability to liaise and influence at the highest level within internal stakeholders, creating and maintaining effective relationships.
- Ability to influence key stakeholders and to communicate a compliance view persuasively by telephone, in writing and in person.
- The ability to regularly update technical expertise to maintain "expert" status.
- Specialized knowledge of managing operational risk of a complex organization with many different lines of business.
- Demonstrated knowledge on compliance with the General Data Protection Regulation (GDPR)
Application Submission Information:
Please send your detailed CV to Anuradha_b@hcl.com