Weekday (YC W21)

GRC & Data Privacy Analyst

Weekday (YC W21)  •  Hyderabad, IN (Onsite)  •  15 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

This role is for one of the Weekday's clients

Min Experience: 4 years

Location: Telangana

JobType: full-time

We are looking for a detail-focused GRC & Data Privacy Analyst to become a member of our security team. In this position, you will oversee the upkeep of our integrated risk management framework and play a key role in executing and auditing our data privacy program. You will ensure that our operations comply with international regulations (such as GDPR, PDPA, etc.) while identifying and addressing risks throughout the organization.

Requirements

Key Responsibilities

Governance & Risk Management

  • Framework Alignment: Oversee and enhance the organization’s security framework, including standards such as ISO 27001, SOC 2, and Singapore MAS.
  • Risk Assessments: Perform annual and project-specific risk assessments; maintain the Corporate Risk Register and monitor remediation activities.
  • Policy Management: Create, review, and update internal security policies and standards to ensure they accurately represent current business practices.
  • Third-Party Risk Management (TPRM): Assess the security posture of vendors and partners through thorough assessments and due diligence processes.

Data Privacy Implementation

  • Privacy Impact Assessments (PIAs/DPIAs): Lead evaluations of new products or processes to ensure "Privacy by Design" is embedded within the development lifecycle.
  • Data Mapping: Maintain detailed records of processing activities (ROPA) and create data flow diagrams.
  • Privacy Operations: Oversee the Data Subject Access Request (DSAR) process and manage responses to privacy-related inquiries.
  • Compliance Monitoring: Keep track of global privacy law changes and translate these into actionable technical or procedural requirements for IT and Product teams.

Compliance & Auditing

  • Internal Audits: Conduct regular control testing to confirm ongoing adherence to internal policies and external regulations.
  • External Audit Liaison: Act as the main contact for external auditors throughout certification cycles.
  • Awareness Training: Design and deliver training programs on security best practices and data handling protocols for all employees.

Required Qualifications

  • Experience: 4 to 6 years in GRC, Information Security, or IT Audit, with a minimum of 1 to 2 years focused specifically on Data Privacy.
  • Certifications (Preferred): CISA, CRISC, or CISM.
  • Technical Skills: Proficiency with GRC tools like Sprinto and a strong understanding of cloud security platforms such as AWS.
  • Regulatory Knowledge: Comprehensive knowledge of GDPR, PDPA, and standards including ISO 27001, SOC 2, and Singapore MAS.

Soft Skills for Success

  • The "Translator" Ability: Skilled at interpreting complex legal requirements for developers and conveying technical risks to executives.
  • Analytical Rigor: Detail-oriented with a passion for documentation and a "trust but verify" approach.
  • Adaptability: Comfortable operating within the uncertainties of evolving privacy legislation.

Must-have skills

ISO 27001

GRC

Good-to-have skills

Information Security

General Data Protection Regulation - GDPR

Weekday (YC W21)

About Weekday (YC W21)

AI recruiter that runs outbound sourcing campaigns to find top talent. At Weekday, we have built the most accurate database of talent (250mn+ people in US & India with contact data), we run outbound campaigns to identify top talent for any role you might be hiring for. We generate the highest response rates (30-40%) on our campaigns making sourcing talent as easy as making a job posting. We are backed by Y-Combinator and were also ranked #1 on Product Hunt.

Industry
Consulting & Advisory
Company Size
51-200 employees
Headquarters
San Fransisco, CA
Year Founded
2021
Website
weekday.works
Social Media