Job Title: Data Privacy Specialist

Location: Gurugram

Experience: 10-12 Years

About the Role:

We are seeking an experienced and highly skilled Data Privacy Specialist to lead data privacy compliance initiatives, review key privacy contracts, advise on global data protection regulations, and implement privacy best practices across the organization. The ideal candidate will have a strong legal background, deep expertise in GDPR and global privacy laws, and a solid understanding of technical and security controls.

Key Responsibilities & KRAs:

- Review, draft, and negotiate Data Processing Agreements (DPAs), EU and UK Standard Contractual Clauses (SCCs).

- Conduct thorough risk assessment of privacy-related contractual clauses and mitigate privacy risks in collaboration with legal, IT, and business teams.

- Lead GDPR, DPDPA, CCPA, ISO 27701, and other global privacy regulations implementation across business units.

- Perform Privacy Impact Assessments (DPIAs) for new projects, systems, and processes; provide actionable mitigation strategies.

- Provide expert legal advisory on data privacy, focusing on cross-border data transfers and evolving regulations.

- Monitor global data protection regulations and assess their business impact proactively.

- Collaborate closely with IT and Security teams to define and implement technical and organizational measures ensuring privacy by design.

- Recommend privacy-enhancing technologies and process improvements for secure data handling.

- Develop and deliver comprehensive training programs on data privacy regulations and internal policies for business teams.

- Foster a strong privacy culture across the organization and ensure high compliance awareness.

- Act as the primary point of contact for data privacy audits, regulatory inquiries, and internal privacy assessments.

- Manage multiple privacy compliance projects simultaneously, ensuring timely delivery and alignment with regulatory timelines.

Required Qualifications & Skillset:

- Bachelor's or Master's degree in Law.

- 10-12 years of hands-on experience in data privacy, compliance, and legal advisory.

- In-depth knowledge of GDPR, CCPA, DPDPA, ISO 27701, and other global privacy regulations.

- Strong expertise in reviewing and negotiating Data Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs).

- Sound understanding of technical and security controls relevant to data privacy.

- Mandatory certifications: CIPP/E, CIPM, or CIPT.

- Strong analytical skills with high attention to detail.

- Excellent communication and negotiation skills.

- Ability to manage multiple privacy compliance projects and deadlines.

- Proven ability to work cross-functionally with Legal, IT, Security, and Business teams.

Preferred Attributes:

- Experience working with privacy management tools such as OneTrust, TrustArc, or similar.

- Familiarity with additional privacy laws such as PDPA, PIPL, LGPD.

- Strong stakeholder management and influencing skills.

- Proactive attitude towards emerging privacy regulations and technologies.