About The Role This position is responsible for assisting in the management of privacy incident & breach management, and Data Subject Request (DSR) process for the privacy program for the Flipkart Group. The position reports to the Privacy SME who has overall responsibility for the management of privacy requirements across Flipkart and its subsidiaries.
Job Description
Contribute to risk identification, risk mitigation and cross functional response to privacy incident management.
Participate and support privacy incident management resolution activities, analyze incident trends to help identify and design the preventive controls to safeguard personal information and brand reputation
Ensure incident records are documented with supporting evidence that is thorough and accurate
Capture root cause, incident themes, lessons learnt and preventive controls for analysis and mitigating future future risks
Respond to DSR in timelines, help improve and structure the DSR process.
Establish and maintain open lines of communication with relevant stakeholders and authorities as needed.
Updates Program lead on program progress, gaps, and strategies.
Ensures appropriate escalation and communication of compliance matters to Program lead.
Knowledge of data protection and privacy laws of India, and other international laws such as EU GDPR, Middle-East would be preferred.
Handle operational aspects of privacy and maintain Privacy Business Continuity Process.
Manages individual rights requests and privacy complaints.
Supports implementation of the global records management program.
Conduct incident and DSR analytics to provide visibility to leadership to understand trends and create future roadmap for changes
Handle reporting to authorities, notification to Data subjects and monitor DSR requests and support continuous improvement efforts for the program at the group level.
Qualifications And Experience
Bachelor’s degree in law, or information technology with a minimum 2-5 years’ experience working in E-commerce, Technology/Product/ IT organization sector in large organizations needed.
Experience in incident management (handling breaches) and DSR process and procedures
Proficient in incident response processes (detection, triage, incident analysis, remediation and reporting)
Good SQL/PL SQL experience for data analysis, data profiling and reverse engineering
Experience in Data protection & data security measures (encryption, anonymization etc.)
Knowledge of Privacy and Security tools such as OneTrust etc.
Working knowledge of industry standard risk, governance and information security standard methodologies
Professional Credentials such as CIPT, CIPM, CIPP will have an advantage
Excellent interpersonal skills and strong background in information security and technology
Self-starter and able to work independently
Experience to operate within an international environment with a diversity of cultures