Talent.com
Isha Foundation - Data Protection / Security Analyst

Isha Foundation - Data Protection / Security Analyst

Isha FoundationCoimbatore
20 days ago
Job description

Description :

We are seeking a highly skilled and detail-oriented Data Protection and Privacy Compliance Manager to oversee the organizations data protection framework, ensure compliance with global privacy regulations, and strengthen the companys data security posture.

The ideal candidate will have a deep understanding of data privacy laws such as GDPR, CCPA, and HIPAA, experience managing data subject rights (DSR) requests, and the ability to lead incident response efforts in collaboration with IT and legal teams.

This role requires a proactive professional who can balance regulatory compliance, operational efficiency, and strategic security initiatives.

Key Responsibilities :

1. Data Protection Compliance & DSR Management :

  • Manage and process Data Subject Rights (DSR) requests in accordance with applicable privacy regulations (GDPR, CCPA, HIPAA, etc.), ensuring timely responses for access, correction, deletion, restriction, and data portability requests.
  • Monitor and ensure ongoing organizational compliance with global data protection laws and internal privacy standards.
  • Conduct Data Protection Impact Assessments (DPIAs) for new systems, tools, or processes that may impact personal data privacy.
  • Lead and perform privacy audits to assess adherence to data protection requirements and identify areas for improvement.
  • Design and deliver employee training programs to raise awareness on data protection principles, security best practices, and compliance procedures.
  • Regularly review, update, and improve privacy and data management policies in alignment with evolving regulations.

Security Incident Monitoring & Response :

  • Continuously monitor for potential data security threats and anomalies that could impact personal or sensitive information.
  • Lead the incident response process for data breaches or security incidents, coordinating with IT, Legal, and Compliance teams to ensure swift containment and remediation.
  • Conduct forensic investigations to determine root causes, assess impact, and implement corrective measures.
  • Ensure compliance with data breach notification obligations and maintain accurate incident documentation.
  • Collaborate cross-functionally to ensure timely reporting to regulatory authorities and affected data subjects, where required.

    • Data Protection Strategy & Security Measures :

  • Oversee implementation of data encryption protocols for data at rest and in transit, ensuring sensitive data remains secure.
  • Deploy and manage Data Loss Prevention (DLP) tools to detect, prevent, and respond to unauthorized data transfers or leaks.
  • Work with IT teams to implement robust access control policies based on least privilege and role-based permissions.
  • Ensure data resilience by maintaining effective backup and disaster recovery strategies that comply with data protection standards.
  • Continuously assess and enhance the organizations overall data protection architecture to align with best practices.

    • Policy Development and Implementation :

  • Develop, maintain, and enforce comprehensive data protection policies governing data retention, processing, storage, and destruction.
  • Support the design and implementation of technical and organizational security controls to safeguard personal data.
  • Lead vendor risk management processes, ensuring third-party partners comply with company data protection standards and contractual requirements.
  • Partner with procurement and legal teams to ensure privacy and security clauses are embedded in vendor agreements.

    • Reporting & Documentation :

  • Prepare regular reports for senior management, legal, and compliance teams detailing the organizations data protection performance, key risks, ongoing DSR requests, and incident response status.
  • Maintain thorough documentation of DSR logs, incident reports, DPIAs, audits, and policy reviews for internal and regulatory audit purposes.
  • Track and analyze key data protection KPIs and metrics to support continuous improvement efforts.

    • Qualifications and Experience :

  • Bachelors or Masters degree in Law, Information Security, Computer Science, or a related field.
  • Minimum of 7 to 12 years of experience in data privacy, data protection compliance, or information security governance.
  • In-depth understanding of GDPR, CCPA, HIPAA, and other global data privacy frameworks.
  • Hands-on experience in handling DSR requests, DPIAs, and data breach management.
  • Proficiency in using DLP tools, security monitoring systems, and privacy management platforms.
  • Strong analytical, problem-solving, and decision-making abilities with attention to detail.
  • Excellent communication and stakeholder management skills, with the ability to translate complex regulatory requirements into practical business processes.
  • Relevant certifications such as CIPP / E, CIPM, CIPT, ISO 27001 Lead Implementer, or CISSP are highly preferred.

    • Personal Attributes :

  • High integrity, confidentiality, and professionalism in handling sensitive information.
  • Strong organizational and multitasking skills with the ability to prioritize effectively.
  • Collaborative mindset with a proactive, solution-oriented approach.
  • Strategic thinker capable of balancing compliance with business needs

    • (ref : hirist.tech)

    Create a job alert for this search

    Data Analyst • Coimbatore