3,201 Privacy Engineer jobs in India

Common accountabilities:

- Works autonomously within defined processes and procedures or methodologies, takes standard decisions and may support the development of solutions to complex problems of a recurring nature.
- Receives instruction, guidance and direction from more senior level roles or manager, with regular monitoring on the status of the assignments.
- May have specialized formal education or the equivalent work experience and has the required technical and functional skills and basic knowledge of the business.

Specific accountabilities:

Test strategy
* Attend to specification/architecture reviews (also on customer specification reviews when applicable), and provide feedback along with any potential impact, risk, issue or missed gap based on experience,
* Define test strategy and test plan containing test cases (functional and non-functional), ensure traceability with specifications and customer requirements,
* Ensure compliance of test strategy with CI/CD guidelines, Green IT guidelines and all quality guidelines (SDL, STDL), QA best practices/standards from the industry (ISTQB.),

Test expertise
* Design test cases and write test case scripts
* Prepare test environment, test data, and execute test cases
* Provide sign-off (go/no-go) on tested features based on defined exit criteria

Test automation
* Assess necessity to automate subset of (or all) test scripts
* Use test automation framework and contribute to its improvement

Defect management
* Open defects for software or documentation, assign relevant level of severity based on the importance of the issue, provide relevant investigation and information in order to fix defects
* Check defect fix, and give go/no-go for the load of production defects

Reporting
* Report and communicate on test activities to the line organization, software developers and product definitions analysts
* Provide visibility on testing campaign/milestones to all stakeholders

Quality assurance ambassador
* Show accountability for the project, product or release quality control

Technicity
* Efficiently use QA tooling stack and frameworks
* Be proactive about any issue/change that is likely to affect QA peers daily job

Continuous and sustainable improvement
* Participate to the understanding, measurement and reduction of the environmental impact of the tested applications and associated QA activities

Teamwork makes the stream work.

Roku is changing how the world watches TV

Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers.

From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.

About the team

The mission of Roku's Data Engineering team is to develop a world-class big data platform so that internal and external customers can leverage data to grow their businesses. Data Engineering works closely with business partners and Engineering teams to collect metrics on existing and new initiatives that are critical to business success. As Senior Data Engineer Privacy, you will contribute to Roku’s Big Data Platform’s architecture design, data modelling and ETL to ensure compliance with privacy requirements. This position is a key role for Roku's business to understand our users while complying with data privacy regulations.

About the role 

As a Sr. Data Engineer focused on Data Privacy, your primary responsibility will be to design, implement, and maintain robust data privacy measures within the organization. You will collaborate with cross-functional teams to ensure compliance with privacy regulations, conduct risk assessments, and develop strategies to safeguard sensitive information. Additionally, you will play a key role in enhancing data governance frameworks and educating stakeholders on best practices to uphold the highest standards of data privacy and security. 

This role requires hybrid working, you will be based in Bangalore. 

What you’ll be doing 

We’re excited if you have 

Benefits

Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families. Our comprehensive benefits include global access to mental health and financial wellness support and resources. Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs. It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter.

The Roku Culture

Roku is a great place for people who want to work in a fast-paced environment where everyone is focused on the company's success rather than their own. We try to surround ourselves with people who are great at their jobs, who are easy to work with, and who keep their egos in check. We appreciate a sense of humor. We believe a fewer number of very talented folks can do more for less cost than a larger number of less talented teams. We're independent thinkers with big ideas who act boldly, move fast and accomplish extraordinary things through collaboration and trust. In short, at Roku you'll be part of a company that's changing how the world watches TV. 

We have a unique culture that we are proud of. We think of ourselves primarily as problem-solvers, which itself is a two-part idea. We come up with the solution, but the solution isn't real until it is built and delivered to the customer. That penchant for action gives us a pragmatic approach to innovation, one that has served us well since 2002. 

Job Title: Manager – Information Security

Job Summary

We are seeking an accomplished Information Security professional with extensive experience in cybersecurity best practices, enterprise security architecture, data protection, first-line information security risk management, and conducting security assessments. The Manager – Information Security will be instrumental in developing, evaluating, and ensuring alignment with cybersecurity controls and policies, maintaining compliance with standards, and embedding security into the organization’s products, services, and technology infrastructure. This position demands a subject matter expert capable of bridging the gap between security policy, risk, and technical implementation. A solid understanding of the latest security frameworks and technologies, including Cloud and AI, is essential to effectively inform and support risk-based decision-making.

Key Responsibilities

Cybersecurity Policy & Governance

• Develop, review, and maintain cybersecurity policies, standards, and procedures consistent with NIST, Cloud Security Alliance, CIS, and other global security frameworks.
• Convert identified security risks into policy requirements while ensuring alignment with business objectives.
• Work with security, engineering, architecture, and operational teams to confirm that policies are technically feasible and provide guidance on implementing and enforcing controls.

Risk Management and Assessments

• Function as a security specialist, providing advisory support or directly conducting comprehensive risk assessments and control gap analyses across services, products, infrastructure, and applications.
• Offer recommendations and guidance on effective risk mitigation strategies that align with business objectives and maintain appropriate security standards.
• Track emerging threats, evolving industry standards, best practices, and regulatory changes in order to proactively advise on necessary updates to policies, controls, or other measures required to strengthen and modernize our risk management posture.

Security Architecture

• Provide guidance on secure cloud, network architecture, segmentation, and system hardening.
• Work with engineering teams to monitor and maintain secure configurations and access controls.
• Lead or advise on security reviews of new technologies and system changes.
• Carry out Security Architecture Integration by conducting ongoing or targeted architecture reviews to confirm that security is incorporated, integrated, and verified in designs and implemented services.
• Establish and uphold architectural security principles throughout the technology and services ecosystem.
• Assess and integrate security tools and technologies to support the enterprise security posture.

Security Assurance and Attestations

• Maintain documentation and evidence repositories to facilitate internal and external support.
• Utilize platforms such as SharePoint and Jira to ensure optimal assessment preparedness.
• Collaborate with control owners to monitor, address, and close findings efficiently.

Awareness & Communication

• Develop and implement cybersecurity awareness programs designed for both technical and non-technical teams.
• Prepare concise communications regarding policy changes, risk advisories, and incident notifications.
• Deliver training sessions to stakeholders on security controls and risk management procedures.

Required Qualifications

• Bachelor’s / Master’s degree in Information Security, Computer Science, or related field.
• 12 – 15 years of experience in Information Security with a strong focus on risk management, network security, and security architecture.
• Hands-on experience in system/network administration (Windows/Linux/Cloud).
• Deep understanding of frameworks such as ISO 27001, NIST, PCI DSS, and COBIT.
• Proven experience in drafting and implementing security policies and technical standards.
• Strong knowledge of identity lifecycle management and access governance.
• Experience with audit documentation and evidence management tools (e.g., SharePoint, Jira).
• Excellent communication and stakeholder engagement skills.

Preferred Qualifications

• Certifications: CISSP, CISM, CISA, CRISC, or equivalent.
• Experience with GRC platforms and risk assessment methodologies.
• Familiarity with regulatory standards such as GDPR, CCPA, and other data protection laws.
• Exposure to cloud platforms (Azure, AWS) and security tools (e.g., Defender, CrowdStrike, Tenable).
• Knowledge of enterprise architecture frameworks and secure design principles.

The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will focus on assessing and ensuring compliance with key security frameworks and will provide vCISO support to various clients.

Key Responsibilities:

ISO 27001/27002 Compliance:

• Assist clients in achieving ISO 27001 certification by identifying and implementing the appropriate controls within the audit scope.
• Verify compliance with ISO 27001/27002 controls and provide recommendations for improvement.

SOC 2 Compliance:

• Assist clients in achieving SOC 2 compliance by identifying and implementing the appropriate Trust Service Criteria (TSCs).
• Conduct SOC 2 compliance assessments and ensure the proper implementation of required controls.

Risk Assessment and Mitigation:

• Conduct risk assessments of business activities, collaborating with stakeholders to manage risks until closure or acceptance.
• Provide actionable recommendations to mitigate identified risks.

Policy and Procedure Development:

• Define, develop, and review information security policies, procedures, guidelines, forms, and templates in line with best practices.
• Ensure documentation is up-to-date and aligned with industry standards.

Baseline Standards Review:

• Create and review baseline standards for operating systems, databases, web servers, and applications.
• Recommend improvements based on security assessments.

Post-Implementation Audits:

• Support post-implementation audits for ISO 27001:2022 to ensure ongoing compliance.
• Monitor and assess adherence to established information security standards.

Information Security Awareness:

• Create and execute organizational information security awareness programs.
• Conduct training sessions to ensure employees are knowledgeable about security best practices.

Security Standards Compliance:

• Assist clients in ensuring compliance with various security standards (ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, etc.).
• Recommend strategies to ensure long-term adherence to security best practices.

Incident Response:

• Develop and implement incident response plans to handle security breaches and cyberattacks.
• Ensure that clients have clear, actionable plans to address potential security incidents.

Gap Assessment:

• Conduct gap assessments to identify areas of non-compliance and provide remediation strategies.

vCISO Support:

• Provide virtual Chief Information Security Officer (vCISO) support to clients, advising on information security strategy and governance.

Skills and Qualifications:

Technical Skills:

• Strong background in Information Technology and/or Cybersecurity .
• Proficiency in auditing, policy development, database security, firewall design, risk analysis, identity management, access control, and web security.
• Knowledge of security frameworks including ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, and other industry best practices.
• Hands-on experience with ISO 27001:2022 and SOC 2 implementations and assessments.
• Strong understanding of risk management and the ability to assess and mitigate security risks.

Presales and Communication Skills:

• Excellent client-facing communication skills.
• Strong problem-solving abilities and the capacity to work effectively in a team environment.
• Ability to communicate complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to deliver presentations and conduct training sessions.