Data Protection Officer
- NTT DATA
- 6 - 8 years
- Hyderabad
- 22 days ago
- Email to a friend
- Report this job
Job Description
We want to shape the future with vision and innovation. Be part of it and develop your full potential!
As part of the global NTT DATA Group, one of the most successful IT service providers in the world, we specialize in value-added SAP solutions as NTT DATA Business Solutions. With over 12,000 employees in more than 30 countries, we design, implement, and develop custom-fit SAP solutions for our global customers.
Would you like to take the next step in your career and be part of our highly qualified team?
Are you ready to break new ground?
Job Title: Data Protection Officer (DPO)
Experience: 6 to 8 Years
Job Location: Hyderabad
Role Overview:
The Manager Data Protection & Privacy supports the organizations Data Protection Officer (DPO) function and is responsible for building, operating, and monitoring the privacy compliance framework under the Digital Personal Data Protection Act (DPDP Act) 2023 and global client requirements (GDPR, ISO 27701, SOC 2, etc.).
This role ensures that all personal data is processed lawfully, securely, and transparently across the organization through effective governance, documentation, DSAR handling, vendor assessments, and incident-management coordination.
Key Responsibilities
A. DPDP Compliance Operations
- Support the DPO in implementing and maintaining compliance with the Digital Personal Data Protection Act, 2023 and GDPR requirements
- Maintain and update the Record of Processing Activities (ROPA) and enterprise-wide data inventory across HR, IT, Sales, Delivery, Marketing, and Vendor functions.
- Assist in preparing privacy notices, consent language, internal guidelines, and data-handling SOPs.
B. DSAR & Rights Handling
- Manage the end-to-end workflow for Data Principal Rights: Access, Correction, Erasure, Consent Withdrawal, and Grievances.
- Maintain DPDP-compliant logs, turnaround times, and reporting dashboards.
C. Privacy Governance & Documentation
- Draft, update, and operationalise policies, including:
- Data Retention & Disposal
- Information Handling & Access
- Vendor Data Protection Guidelines
- Breach Response SOP
- Maintain structured documentation aligned with ESG, ISO 27001/27701, SOC2 and client contract requirements.
D. Vendor & Third-Party Compliance
- Conduct privacy/security assessments for new vendors and tools.
- Review vendor DPAs, NDAs, and data-handling terms under supervision of the Head LRC and DPO.
- Track and escalate high-risk vendor issues.
E. Awareness & Training
- Assist in rolling out privacy awareness programs, toolkits, intranet content, and mandatory training modules.
- Support delivery teams/HR/IT with compliance clarifications.
F. Incident & Breach Support
- Maintain the Breach Register and assist the DPO in triage, documentation, evidence collection, and root-cause analysis.
- Coordinate with InfoSec, IT, HR, and Legal during investigations.
G. Audit & Reporting
- Support internal audits, client audits, vendor audits, and certification assessments (ISO 27701, SOC2).
- Prepare monthly compliance reports for MD/CEO and governance decks for the Board, as required by the DPO
Required Qualifications & Experience
- Education: Bachelors degree required; preference for Law, IT, Management, Cybersecurity, or related fields.
Experience
- 6 - 8 years of experience in:
- Data privacy
- Risk management
- Governance or IT audits
(Experience can be mixed across these domains; direct privacy experience is preferred but not mandatory.)
Skills
- Strong understanding of privacy principles, the DPDP Act, the GDPR and general compliance frameworks.
- Ability to interpret policies, draft documents, and manage structured workflows.
- Good coordination skills across IT, HR, Legal, Delivery, and Operations.
- Strong written & verbal communication.
- Ability to handle sensitive incidents confidentially and professionally.
Certifications (Good to have)
- DCPP (Data Protection Professional India)
- CIPP/A, CIPP/E, CIPM or equivalent
- ISO 27001/27701 Internal Auditor
- Any recognised privacy or cybersecurity certification
Key Competencies
- Integrity & independence
- Analytical and process-oriented thinking
- Stakeholder management capability
- Meticulous documentation skills
- Ability to escalate issues appropriately
- Understanding of risk and control frameworks
Key Outcomes (First 12 Months)
- Up-to-date ROPA and organisation-wide data map.
- Fully operational DSAR & grievance workflow.
- Updated privacy notices, policies, and internal SOPs.
- Vendor privacy review process established.
- Privacy training delivered to all employees.
- Quarterly compliance dashboards ready for MD/CEO and Board reporting
Get empowered by NTT DATA Business Solutions!
- Are you the person we're looking for? If yes, we look forward to receiving your application for this vacancy.
Write to sa***********r@**.nttdata.com
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: IT Security - OtherEmployement Type: Full timeContact Details:
Company: NTT DATA BusinessLocation(s): Hyderabad
Keyskills: Data Protection Manager ISO 27001 Information Security Gdpr Data Privacy Risk Management
NTT DATA
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the worlds leading AI and digital infrastructure providers, with...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in