Kotak Mahindra Bank

Senior Principal Manager Technologist-SUPPORT SERVICES-CTO - Support services

Kotak Mahindra Bank  •  Mumbai, IN (Onsite)  •  4 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Data Protection Officer (DPO)

Job Title: Data Protection Officer

Location: Mumbai


The Data Protection Officer (DPO) is responsible for overseeing the organization’s data protection strategy and ensuring compliance with applicable data protection laws and regulations (such as GDPR, DPDP Act India, etc.). The role involves advising on data privacy obligations, monitoring compliance, managing data risk, and acting as the primary contact for regulatory authorities and data subjects.


Key Responsibilities

1. Regulatory Compliance & Advisory

  • Ensure compliance with applicable data protection laws and regulations (e.g., GDPR, India’s DPDP Act).
  • Advise management and business units on data protection obligations.
  • Interpret laws, regulations, and guidelines related to personal data.

2. Data Governance & Privacy Framework

  • Develop, implement, and maintain data protection policies and procedures.
  • Establish a robust data governance framework for handling personal data.
  • Oversee data classification, retention, and deletion policies.

3. Risk Management & Impact Assessments

  • Conduct Data Protection Impact Assessments (DPIA) and Privacy Impact Assessments (PIA).
  • Identify and mitigate risks associated with data processing activities.
  • Monitor data breaches and ensure appropriate remediation and reporting.

4. Monitoring & Audits

  • Monitor internal compliance through audits, assessments, and controls.
  • Coordinate internal and external audits related to data protection.
  • Maintain records of processing activities (RoPA).

5. Training & Awareness

  • Develop and deliver data protection training programs.
  • Promote awareness of data security and privacy within the organization.

6. Incident Management

  • Lead response to data breaches and incidents.
  • Ensure timely reporting to regulators and affected individuals (where required).

7. Stakeholder Management

  • Act as a point of contact for regulators and supervisory authorities.
  • Handle data subject requests (DSARs), complaints, and inquiries.
  • Collaborate with IT, legal, compliance, and business teams.

8. Vendor & Third-Party Risk Management

  • Assess and monitor third-party data processors and vendors.
  • Ensure appropriate data processing agreements (DPAs) are in place.

Key Skills & Competencies

  • Strong knowledge of global data protection laws (GDPR, DPDP, etc.)
  • Risk assessment and compliance expertise
  • Excellent communication and stakeholder management
  • Analytical thinking and problem-solving skills
  • High ethical standards and confidentiality
  • Ability to work independently and influence senior stakeholders

Qualifications & Experience

  • Bachelor’s degree in Law, Information Security, IT, or related field (Master’s preferred)
  • Relevant certifications preferred:
    • CIPP, CIPM (IAPP)
    • ISO 27701 / 27001
    • Certified Information Security Manager (CISM)
  • Experience:
    • 15–20 years in data protection, compliance, or information security
    • Experience in regulated industries (BFSI, healthcare, etc.) preferred

Key Performance Indicators (KPIs)

  • Compliance adherence rate
  • Number of data incidents and resolution time
  • Audit findings and closure timelines
  • Training completion rates
  • Regulatory reporting timeliness

Additional Requirements

  • Independence in performing DPO duties (as per regulatory expectations)
  • Ability to handle confidential and sensitive information
  • Strong documentation and reporting skills

Nice-to-Have

  • Experience with privacy tools and systems
  • Knowledge of cybersecurity frameworks
  • Experience working with cross-border data transfer regulations
Kotak Mahindra Bank

About Kotak Mahindra Bank

About Kotak Mahindra Group:

Established in 1985, the Kotak Mahindra Group is one of India’s leading financial services conglomerates. In February 2003, Kotak Mahindra Finance Ltd. (KMFL), the Group’s flagship company, received a banking license from the Reserve Bank of India (RBI). With this, KMFL became the first non-banking finance company in India to become a bank – Kotak Mahindra Bank Limited.

The consolidated balance sheet of Kotak Mahindra Group is over 1 lakh crore and the consolidated net worth of the Group stands at 13,943 crore (approx US$ 2.6 billion) as on September 30, 2012.

The Group offers a wide range of financial services that encompass every sphere of life. From commercial banking, to stock broking, mutual funds, life insurance and investment banking, the Group caters to the diverse financial needs of individuals and the corporate sector. The Group has a wide distribution network through branches and franchisees across India, and international offices in London, New York, California, Dubai, Abu Dhabi, Bahrain, Mauritius and Singapore. For more information, please visit the company’s website at https://www.kotak.bank.in/en/home.html

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
Mumbai, IN
Year Founded
1985
Website
kotak.com
Social Media