Description:

We are seeking a highly skilled Data Protection Officer (DPO) / GRC Officer responsible for ensuring compliance with global security and data protection regulations. The ideal candidate will oversee governance, risk, and compliance (GRC) programs, implement security frameworks, and safeguard sensitive data across the organization.

Responsibilities:

- Build and manage Governance, Risk & Compliance (GRC) frameworks aligned with standards and regulations.

- Ensure compliance with DPDP, GDPR, ISO 27001 SOC 2 PCI-DSS, and NIST.

- Conduct risk assessments, ITGC reviews, and third-party vendor audits.

- Lead data protection, privacy, and incident management programs.

- Maintain business continuity and disaster recovery plans.

- Drive security awareness and collaborate with cross-functional teams.

Requirements:

- Bachelor's/Master's degree in Information Security, Cybersecurity, Compliance, or a related field.

- Professional certifications such as CIPP/E, CIPM, CISSP, CISM, CISA, ISO 27001 Lead Auditor, or CRISC are highly preferred.

- 5+ years of experience in Data Protection, Compliance, GRC, or Cybersecurity roles.

- Strong knowledge of regulatory frameworks (SOC2 ISO27001 GDPR, DPDP, PCI-DSS, NIST, ITGC, Third-Party Risk Management).

- Experience in implementing GRC tools and automating compliance processes.

- Excellent stakeholder management skills with the ability to work cross-functionally.

- Strong analytical, problem-solving, and decision-making skills.