IN-Senior Associate_Data Privacy_IN-IT Services Co_IFS_Pune

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

Operations

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Summary (Please include a couple of lines on the firm and LoS)

Serve as the subject matter expert and primary point of contact for Data Privacy matters, with a focus on compliance with the India Digital Personal Data Protection Act, 2023 (DPDPA) and other Data Privacy compliance requirements as requested by clients, our vendors and PwC internal processes and systems. Ensure effective coordination with relevant stakeholders and timely reporting of the status to the Data Protection Officer (DPO), Risk & Quality and business teams

Responsibilities (essential functions and responsibilities of the job):

As a Data Privacy Senior Associate, you would be responsible for,

• Support business for timely review of client contracts, conduct privacy gap assessments, Data Protection Risk Assessment (DPRAs), Data Protection Impact Assessments (DPIAs), and conduct internal audits across various sectors to identify gaps and build actionable remediation roadmaps.
• Support in Design and improve robust data privacy risk management programs, identifying risks, working with the business to devise mitigation strategies, and monitoring their effectiveness.
• Schedule and conduct data privacy and protection awareness programs for new and existing staff.
• Support incident response planning, breach notification processes, and handle/ensure timely responses to Data Principal rights requests (e.g., access, correction, erasure).
• Maintain the personal data registers as required by legislation, e.g. the type of personal data that we hold, who processes it and who we share it with.
• Contribute to new initiatives and processes to implement DP compliances

Education and Experience:

• Typically, 5-6+ years of experience in data privacy, compliance, or regulatory consulting roles.
• In-depth knowledge of the Digital Personal Data Protection (DPDP) Act, 2023, and strong working knowledge of other global privacy regulations such as GDPR, CCPA, etc.
• Understanding of data governance, security controls, privacy by design principles and application architecture, with the ability to provide technical remediation recommendations.
• Certifications: Professional certifications such as CIPP/E, CIPP/A, CIPM, CIPT, or ISO 27701 Lead Implementer/Auditor are highly desirable.
• Soft Skills: Excellent analytical, problem-solving, stakeholder management, and communication skills, with the ability to translate legal and technical requirements into actionable business practices
• Experience in handing client contract reviews, negotiations, problem solving will be big plus Experience of creating training & awareness programmes
• Experience in Service Now or any other similar applications/tools
• Experience in One Trust modules for DSR, DPIA, Consent Management, Cookie Management is desirable.

Education Level: Bachelor’s degree or equivalent in Engineering or Law

Candidate Specifications (insert the relevant personal skills here):

Essential Skills:

• Conceptual skills
• Influencing skills
• Conflict resolving skills
• Service orientation
• Managing ambiguity
• Diagnostics
• Change Management
• Managing multiple and time sensitive consultations efficiently

CV sifting criteria (definitive criteria which a CV must have. This helps us to screen out irrelevant CVs):

• 5 to 6 years of experience in Data privacy, Data Protection, Information Protection, Privacy Counsel.
• Data Privacy Certifications (preferred) CIPP/E, CIPP/A, CIPM, CIPT, or ISO 27701 Lead Implementer/Auditor

Compensation: Base salary range to be determined (TBD).
Work Location: Primarily remote, with in-office presence required for a few days each week.

The required number of FTE: 1 (One)

The skills we look for in future employees (This is standard text that is incorporated into every job description.  You do not need to add any content into this field.  This is for your information only):

All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, ‘The PwC Professional’.

The PwC Professional focuses on five core attributes; whole leadership, business acumen, technical capabilities, global acumen and relationships. We use this framework to recruit, develop and assess our people, at all grades and all areas of our business, because we expect all of our people to be leaders.

Mandatory skill sets:Data Security    
Data Loss Prevention (DLP)

Preferred skill sets:Data Protection

Years of experience required:4 years

Education Qualification:
Bachelor of Technology

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Data Security

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date