Data Protection and Information Security Officer

The Data Protection and Information Security Officer (DSO) is responsible for the Governance of the Data Protection Management System (DPMS) and Information Security Management System (ISMS) in all organizational units of the Bosch Group in India Sri Lanka Bangladesh and Nepal.

Role and responsibilities

1. Recognize the principles intent ways rationales approaches ideas and solutions proposed deliberated and adopted in creating / enacting data protection regimes
2. Comprehend privacy legislative ideas intent articles sections and expectations set by them and their relevance to the organization
3. Assess and estimate impact
4. Set up:
   1. Privacy Program
   2. Data inventory/registry
   3. Recording data processing activities
   4. Governance mechanism
   5. Privacy organization
   6. Grievance handling
   7. Privacy reporting
   8. Monitoring and incident reporting
5. Drive organizational response contribution commitments to privacy requirements and obligations (e.g. Training Awareness campaigns Board and executive Management Commitment issuing guidelines Directives Policies Procedures Seeking conformance and reporting Assessing preparedness)
6. Operationalizing the Privacy Program including governance
7. Operationalizing the privacy Technology and Architecture
8. Assessing emerging Technology Digitization impacting Privacy
9. Monitoring and Incident Response

Qualifications :

• Fulltime LLB mandatory.
• Experience in people management & global stakeholder management

Key asks of the role:

• Expertise in data privacy laws
• Comprehensive understanding of technologies (solid background in IT data analysis data management data security data protection tools and techniques). Ability to assess and implement new technologies that enhance the organizations data protection strategies and compliance efforts.
• Good leadership and communication skills. Coordination ability (varied internal stakeholders across hierarchy and externals like data principals data protection supervisory authority etc)
• Should be able to explain complex data protection concepts in clear and simple terms and foster a culture of data protection within the organization.
• Sound understanding of business domain and operations.
• Audit and legal skills. Ability to conduct and oversee data protection audits assessments and identify and mitigate risks or gaps in the organizations data protection practices.
• Basic knowledge of legal aspects of data protection (e.g. contracts agreements disputes) and be able to liaise with legal advisors or representatives when necessary.
• Complex problemsolving ability to identify analyze solve nonroutine problems that require high cognitive effort and creativity. Complex problems often involve multiple factors uncertainties interdependencies dynamic changes and they may not have clear or optimal solutions.
• Critical thinking skills essential as they enable assessment of potential risk and vulnerabilities in the organizations data protection strategies and develop effective solutions for mitigating them and ensuring compliance with applicable data protection laws.
• Emotional intelligence to help the DPO communicate effectively with different stakeholders (e.g. Data subjects data processors joint controllers data protection board supervisory authorities and to understand their needs expectations and perspectives); Handle complex and sensitive data protection issues such as data breaches complaints disputes or investigations and to make sound and ethical decisions based on the available information data and criteria; manage stress emotions and conflicts that may arise in the course of their work and to maintain a positive and professional attitude and demeanor.

Additional Information :

• 1518 years of post qualification experience as per the above description.

Remote Work :

No

Employment Type :

Fulltime