• Perform regulatory mapping and gap analysis for GDPR, POPIA, PIPL, and other applicable laws.
• Develop and maintain privacy policies, notices, and consent management systems.
• Implement data subject rights management processes (DSAR workflows).
• Conduct third-party privacy due diligence and review vendor contracts.
• Maintain audit-ready documentation and compliance reporting.
• Conduct PIAs and DPIAs for new projects and systems.
• Document and manage privacy risks, maintain risk registers, and remediation plans.
• Establish breach notification procedures aligned with regulatory timelines.
• Integrate with the Security Operations Center (SOC) for incident response and forensics.
• Deliver staff training on escalation and breach response protocols.
• Design and deliver tailored training programs on GDPR, POPIA, and other regulations.
• Deploy and configure OneTrust privacy management tools, ensuring interoperability.
• Automate workflows and support phased service adoption.
• Develop transition plans from legacy frameworks to new systems.
• Maintain SLAs for implementation, response, and requests.

Desired qualifications

• 3–5 years of experience in privacy assessment and compliance implementation.
• Proven experience in OneTrust platform deployment and configuration.
• Strong understanding of global privacy regulations (GDPR, POPIA, PIPL, CCPA, etc.).
• Experience in privacy risk management, PIAs/DPIAs, and incident response.
• Familiarity with data lifecycle management, retention automation, and quality controls.
• Excellent communication and stakeholder management skills.
• Ability to create audit-ready documentation and compliance reports.

Location and way of working

• Base location: Bangalore
• This profile involves frequent travelling to client locations.