Manager - Data Privacy

About Zeta

Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded byBhavin Turakhia and Ramki Gaddipati in 2015.Our flagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 20M+ cards have been issued on our platform globally.Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios.Zeta has over 1700+ employees - with over 70% roles in R&D - across locations in the US, EMEA, and Asia. We raised $280 million at a $1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech,careers.zeta.tech,Linkedin,Twitter

About the Role

This role is part of the Risk and Compliance team, division of Zeta. The Privacy and Compliance Leader is responsible to ensure all enterprise and cloud infra and services with respect to various privacy regulations applicable as per geo requirements.

Responsibilities

• Strategize and provide vision, governance, compliance, and road-map and upgrade data privacy and protection program/practice continuously
• Sustain, Update, and improve privacy programs including processes, policies, and guidelines per various privacy regulations like GDPR (EU & UK), CCPA, IDPR, LGPD, DPDP, and sustenance of ISO 27701 Latest.
• Perform auditing and compliance activities to ensure privacy framework effectiveness and provide recommendations for improvement Managing customer requirements and business support for privacy and data protection
• Conducting Privacy Assessment/Privacy Impact Assessment, suggest suitable corrections.
• Upgrade, sustain, and improve various processes and implement controls applicable for privacy and data protection requirements for various country-specific privacy laws including but not limited to i.e., GDPR, LGPD, CCPA, PDPB, ISO 27701, and SOC 2 Type 2 (SSAE 18)
• Provide necessary training and charter to all the Zeta teams, stakeholder management, legal and marketing, and Business
• Close coordination for Business Support, agreements, and contracts. Responsible for third-party risk assessments concerning privacy
• Privacy GRC Implementation and automation Ensure all the services, as well as operations, are Privacy compliant from processor and controller perspective
• Review relevant data privacy laws and provide inputs on product implementation on Privacy as a Subject Matter Expert and address various data privacy continuously into products and services as Controller, Processor and sub processor. Review, upgrade, and implement Privacy guidelines from RBI, NPCI, and DPDP for India and other Geo regulations for EU, UK, and USA.
• Monitor and measure privacy program implementation through internal audits, management reviews, and metrics.
• Act as DPO, handling privacy incident management, breach management, and data subject rights (DSR) management.
• Liasoning with customers, external entities, and regulators for privacy and data protection-related issues.
• Management reporting and escalation management and timely intervention to avoid privacy incidents or breaches.
• Represent Zeta and Privacy forums
• Maintaining ISO 27001, PCI DSS, SSAE 18, GDPR, UIDAI etc. Security and Compliance Standards.

Skills

• Thorough understanding of various Data privacy regulations and privacy concepts
• Privacy Certifications like CIPP, CIPT, DCPP, and DCPLA preferably10 to 15 years of overall experience in Security and Privacy implementation in BFSI/Fin-tech/Payments domain especially the last 5 years as a Privacy Officer/ Privacy Manager or as DPO.
• A good understanding of ISO 27001/2, ISO 27018, NIST CSF, etc is desirable
• Excellent written and oral communication and a penchant for technical documentation

Experience and Qualifications

• Experience of General Data Protection Regulation (GDPR, CCPA, ISO 27701 Latest and DPDP implementation
• Experience in performing PIA, DPIA, Data mapping etc.
• Experience in Privacy Assessment & Vendor Risk Assessment and respond to client Request for Proposal (RFP)
• Bachelor of Technology (BE/B.Tech), M.Tech or ME in Computer Science, MCA or equivalent is preferred.

Equal Opportunity

Zeta is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all backgrounds, cultures, and communities to apply and believe that a diverse workforce is key to our success