734 Data Privacy jobs in India

Location: Hyderabad-WFO

Number of roles: 2

Experience: 2–4 years or 5-8 years

Notice Period: Immediate preferred; 30 days

We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships.

What You’ll Do:

• Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks
• Conduct DPIAs and respond to data subject requests
• Build privacy and security policies aligned to ISO 27001 and HIPAA
• Guide business teams on privacy risks and best practices

What We’re Looking For:

• 2–8 years in privacy, IT compliance, or security consulting
• Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus
• Familiarity with ISO 27001, HIPAA, and data security regulations
• Certifications like CIPP/E, CIPM, CCSFP are advantageous

Job Statement:

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Location: Hyderabad-WFO
Number of roles: 2
Experience: 2–4 years or 5-8 years
Notice Period: Immediate preferred; 30 days

We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships.

What You’ll Do:
Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks
Conduct DPIAs and respond to data subject requests
Build privacy and security policies aligned to ISO 27001 and HIPAA
Guide business teams on privacy risks and best practices

What We’re Looking For:
2–8 years in privacy, IT compliance, or security consulting
Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus
Familiarity with ISO 27001, HIPAA, and data security regulations
Certifications like CIPP/E, CIPM, CCSFP are advantageous

Job Statement:
NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Location: Hyderabad-WFO

Number of roles: 2

Experience: 2–4 years or 5-8 years

Notice Period: Immediate preferred; 30 days

We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships.

What You’ll Do:

• Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks
• Conduct DPIAs and respond to data subject requests
• Build privacy and security policies aligned to ISO 27001 and HIPAA
• Guide business teams on privacy risks and best practices

What We’re Looking For:

• 2–8 years in privacy, IT compliance, or security consulting
• Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus
• Familiarity with ISO 27001, HIPAA, and data security regulations
• Certifications like CIPP/E, CIPM, CCSFP are advantageous

Job Statement:

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Location: Hyderabad-WFO

Number of roles: 2

Experience: 2–4 years or 5-8 years

Notice Period: Immediate preferred; 30 days

We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships.

What You’ll Do:

• Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks
• Conduct DPIAs and respond to data subject requests
• Build privacy and security policies aligned to ISO 27001 and HIPAA
• Guide business teams on privacy risks and best practices

What We’re Looking For:

• 2–8 years in privacy, IT compliance, or security consulting
• Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus
• Familiarity with ISO 27001, HIPAA, and data security regulations
• Certifications like CIPP/E, CIPM, CCSFP are advantageous

Job Statement:

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Location: Hyderabad-WFO

Number of roles: 2

Experience: 2–4 years or 5-8 years

Notice Period: Immediate preferred; 30 days

We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships.

What You’ll Do:

• Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks
• Conduct DPIAs and respond to data subject requests
• Build privacy and security policies aligned to ISO 27001 and HIPAA
• Guide business teams on privacy risks and best practices

What We’re Looking For:

• 2–8 years in privacy, IT compliance, or security consulting
• Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus
• Familiarity with ISO 27001, HIPAA, and data security regulations
• Certifications like CIPP/E, CIPM, CCSFP are advantageous

Job Statement:

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

Bengaluru, India
- GSH
- 3122061

**Job Description**:

- The purpose of the role is to assist organisation in any one or more aspects of data privacy and data protection compliance from the below

Roles & Responsibilities:

- Drives benchmarking activities and ensures all operations, policies, procedures are up to date to comply with accountability, transparency and reporting requirements. Drives on all required certifications, internal and external audits and international standards adoption and compliance.
- Conduct Privacy Impact Assessments of Applications, data flow mapping, identify gaps and track for closure
- Manage data incidents / breaches by investigating and identifying remedial actions
- Conduct Vendor Risk Assessments for data protection controls and ensure compliance with Third parties related to Data Processing / Transfer Agreements
- Handle and resolve Data Subject Rights requests
- Ensure that systematic compliance audits are undertaken and that their findings are reported and acted upon
- Hold training with staff members across different business units who are involved in data handling or processing
- Proactively conduct reviews to ensure compliance and address potential issues. Track gaps for closure
- Maintain records of all data processing activities carried out by the company
- Serve as the point of contact between the company and the data protection authorities
- Prepare various reports for compliance, Data Privacy issue reporting, Gaps etc; Track Gaps forclosure.
- Prepare Management reports and Dashboards

Qualifications:
** Background /Experience**
- Demonstrate deep knowledge of data privacy, data handling and data classification
- Demonstrate experience of managing data privacy issues in a global organisation
- Knowledge of Data/Information Security - ISMS27k/PCIDSS
- Risk/Compliance/Audit background

**Qualification**:

- Expertise in global and European data protection laws and practices
- 3+ years of relevant experience in Data privacy / Information Security / Risk Management / Auditing & Compliance
- Graduation (BTech/BE/MCA/MBA/Law or Finance)
- Privacy Certifications CIPP(US/Europe), CIPM, CIPT and/ or DCPP, DCPLA, CISSP, CISM etc. is

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.

**Additional Information**
**Job Number** 24192844
**Job Category** Legal
**Location** Gurgaon Area Office, Vatika Towers 5/F Block B, Gurugram, Haryana, India, 122003VIEW ON MAP ( Full Time
**Located Remotely?** N
**Position Type** Management
**JOB SUMMARY**
The attorney in this position will be part of the Marriott Law Department providing legal services to the properties and offices part of the Asia Pacific Excluding China. This attorney will help support our culture of integrity by providing legal support for the company's Ethics and Global Compliance program, including crucial risk areas such as:
+ Anti-corruption and anti-bribery
+ Economic and trade sanctions
+ Antitrust and competition law
+ Anti-money laundering
+ Ethics and Code of Conduct
+ White-collar crimes
+ Whistleblower hotline (Business Integrity Line)
+ Other critical areas as designated by the company's compliance programs
In addition, the Legal Counsel is also responsible for developing, implementing, and executing Marriott's growing Global Privacy program while promoting compliance with applicable privacy, data, and information protection laws. The individual will support the Company's Privacy Governance program and drive the development and delivery of training and communications, and lead the execution of privacy programs and key initiatives. The attorney will also develop privacy policies and assessments and advise and support new business ventures and pilot programs.
**CANDIDATE PROFILE**
**Education & Qualifications**
+ Excellent academic records with a law degree from an accredited law school
+ 3+ years of legal experience in a law firm or corporate law department of national reputation
+ Active Bar membership (if licensed in the United States) or practicing certificate
Requirements
+ Experience in one or more of the following practice areas: (1) ABAC/AML/Investigations, (2) Trade/Sanctions, (3) Competition, (4) Data Protection/Privacy
+ Outstanding analytical, writing, and oral presentation skills;
+ Excellent written and oral communication skills in English
+ Identify and assess issues quickly and provide legally sound recommendations consistent with good business practices and reason
+ Strong problem-solving/analytical skills and excellent organizational skills
+ Ability to work well under pressure while producing a high volume of accurate work
+ Strong interpersonal and consultative skills with an ability to interact effectively and work diplomatically with individuals at all levels
+ Constructive approach to dealing with conflict, and ability to influence and achieve successful results
+ Excellent client service
+ Ability to work independently, take ownership of, and effectively resolve problems
+ Ability to think strategically and provide leadership when needed
+ Flexibility for travel
**CORE WORK ACTIVITIES**
**Compliance**
+ Governance & Strategy:
+ Support the objectives set by the Board's Audit Committee and the Company's Legal and Ethical Steering Committee (LESC) by working closely with the Global Compliance Officer and Internal Audit Department.
+ Support the APEC Continent's Legal and Ethical Compliance Committee (LECC) and serve as a liaison to the Company's Legal and Ethical Steering Committee (LESC).
+ As part of the LECC meetings, responsibilities include developing meeting agenda and minutes, coordinating materials, presenting updates, and providing advice.
+ Programs & Initiatives:
+ Collaborate with other corporate departments with compliance responsibilities such as Internal Investigations, the Internal Audit Department, the Corporate Secretary's Office, Government Affairs, and the Finance organization, to carry out various legal and ethical compliance programs and services.
+ Investigations:
+ Function as part of investigation working groups and utilize internal and external investigative and audit resources by (1) ensuring investigations are handled promptly, fairly and resolved consistently, (2) ensuring matters appropriate for investigation receive timely follow-up, and (3) leading and/or providing guidance on investigations.
+ Provide legal advice and tactical direction to auditors, investigators, and human resource managers in FCPA, commercial bribery, business ethics, and other internal investigations.
+ Advisory:
+ Guide business partners and staff departments on day-to-day operational issues relating to or arising out of internal compliance programs and policies.
+ Research & Knowledge Management:
+ Support legal compliance knowledge management efforts and initiatives.
+ Develop legal compliance expertise and maintain regulatory enforcement intelligence in APEC jurisdictions.
+ Monitor compliance statutes, regulations, and case law related to areas of importance to the Company and the global business environment.
+ Training & Publications:
+ Develop and provide legal compliance training to sustain the Company's confidence in local compliance and to ensure vigilance against non-compliance with a strong focus on the US FCPA, UK Anti-Bribery Act, OFAC, anti-trust laws and data protection laws in all relevant jurisdictions.
+ Work with designated business leaders and other compliance offices within the Company to maintain a multi-faceted training and awareness program that focuses on key areas of compliance risk and seeks to ensure that all appropriate employees and management are cognizant of their legal duties under applicable laws and corporate policies
**Data Protection and Privacy**
+ Governance & Strategy:
+ Support the Company's Privacy & Information Security Continent Committee and other governance groups. Responsibilities include developing meeting agendas and minutes, coordinating materials, presenting updates, and providing advice at governance and strategy meetings.
+ Legal research and analysis:
+ Monitor and document data protection and privacy developments within APEC, in coordination with APEC and Global Privacy teams.
+ Conduct legal reviews of national regulations, agency rules, national standards, and enforcement guidelines in APEC.
+ Support the APEC privacy team in tracking and assessing data protection and privacy regulatory requirements and identifying implications for the company's operations and business activities in APEC.
+ Support the APEC privacy team in communicating legal updates and insights to senior management and other appropriate groups.
+ Gap identification, remediation, and compliance projects:
+ Perform gap and risk assessments based on identified applicable data protection and privacy regulations.
+ Support the APEC privacy team in carrying out remediation and compliance project planning, project discovery, project execution, progress tracking, cross-disciplinary working group coordination, implementation, and workstream troubleshooting.
+ Provide updates and reports about the status of gap identification, remediation, and compliance projects, and escalate regulatory issues, to the APEC privacy team and appropriate stakeholders.
+ Carry out contract review and legal drafting to support risk assessment, due diligence, internal remediation, and the overall data protection and privacy compliance efforts in APEC.
+ Legal advisory, compliance training, and contract and policy drafting and support:
+ Support business units with legal advice, privacy assessments, guidance, contract drafting, contract review, and contract negotiation in respect of business projects and initiatives relating to APEC.
+ Administer, maintain, and improve company internal control privacy policies, procedures, processes, plans, and standards to comply with regulatory requirements in APEC.
+ Develop, review, and maintain training material and guidance, and deliver privacy and data protection training as appropriate.
+ Incident response and regulatory interactions:
+ Provide legal advisory services, with support from external counsel as appropriate, on data protection and privacy incidents, investigations, inquiries, and complaints, including support in responding to data subject rights requests.
+ Interact and communicate with national and local authorities in respect of data protection and privacy matters, in collaboration with the APEC and Global Privacy teams, and other relevant business units.
+ Collaborate with Global Information Security and other relevant business units to carry out proactive incident response planning, simulation, and after-action reviews, and maintenance and improvement of incident response plans and material.
**LEADERSHIP COMPETENCIES**
CREATE BELONGING
+ Builds relationships by promoting an environment of collaboration, trust, respect, opportunity, and inclusion.
+ Monitors partner/customer feedback, satisfaction, and relevant metrics to deliver enhanced services.
+ Applies existing data and resources to create innovative service strategies.
+ Seeks out, builds, and maintains diverse partnerships/ relationships across the company and industry.
LEAD CHANGE
+ Courageously leads change and innovation, inspires others through optimism, and adapts to changing business needs.
+ Engages in effective change management processes such as presenting the need for change in a way that encourages commitment and action, developing strategies and providing resources to implement desired changes, while managing stakeholders' expectations.
+ Keeps leaders informed about key issues, communicates effectively, and courageously influences others to support a point of view, gain alignment, or take action.
+ Models, coaches, and holds others accountable for displaying a leadership style that conveys confidence, optimism, gains respect from others, and is dedicated to leading ethically and with a high degree of integrity.
LEARN & EXCEL
+ Applies professional expertise while seeking out and integrating diverse perspectives and learning opportunities.
+ Secures resources and creates opportunities for self and others to improve performance through stretch assignments and other professional development activities.
+ Creates an environment where continuous learning is valued and encouraged and holds others accountable for maintaining and sharing current knowledge on industry and discipline trends, competitors, and advanced technical knowledge in their area of expertise.
+ Makes sound business decisions by monitoring industry trends, market dynamics, and business environment to identify opportunities for improvement and adjust priorities as needed.
+ Builds partnerships across diverse teams to solve complex issues and improve performance.
DELIVER RESULTS
+ Sets ambitious goals, creates alignment, and drives execution.
+ Coordinates with other departments and teams to set clear responsibilities for each group, as well as communicates clear expectations about how departments, teams, and individuals contribute to success.
+ Establishes clear standards, expectations, timelines, and budget requirements.
+ Identifies and focuses on business opportunities that have the highest value for the Company.
+ Manages workloads by prioritizing tasks and delegating assignments appropriately, helping others understand work requirements, and obtaining resources departments and teams need to accomplish their work.
_Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law._
Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work,? **begin** your purpose, **belong** to an amazing global? team, and **become** the best version of you.