Manager / Senior Manager – Operational Risk & Data Privacy

Stashfin -
Gurugram, Haryana

Quick apply

Job details

Full-time
2 days ago

Qualifications

SQL
Banking
Python
Analytics

Full job description

We are looking for an Operational Risk professional who can drive ORM frameworks and lead

implementation of India’s Digital Personal Data Protection requirements. The role will work

closely with Risk, Legal, Tech, and Product teams to ensure robust risk governance, data privacy

compliance, and control effectiveness.

Key Responsibilities

Operational Risk Management (ORM)

Develop and maintain RCSA framework, risk registers, and control libraries

Define and monitor KRIs/KPIs across underwriting, collections, technology, and vendor

risk

Conduct risk assessments, control testing, and gap analysis

Track incident management (fraud, tech failures, process breaches) and drive root-

cause closure

Support Board / Risk Committee reporting and governance

Data Privacy & DPDP Implementation

Lead implementation of the Digital Personal Data Protection (DPDP) Act across business

functions

Design and operationalize:

o Data inventory & data flow mapping

o Consent management framework

o Data retention & deletion policies

Work with Legal/Tech to ensure privacy-by-design in systems and processes

Manage data subject rights (access, correction, erasure) workflows

Conduct privacy risk assessments and audits

Policy & Governance

Draft and update:

o ORM policy

o Data privacy policy

o Vendor / outsourcing risk frameworks

Ensure alignment with regulatory expectations (RBI, data protection norms)

Drive policy adherence and exception management

Cross-Functional Collaboration

Work with:

o Tech (data pipelines, access control)

o Product (customer journey compliance)

o Legal (regulatory interpretation)

Support regulatory audits and inspections

Key Skills & Qualifications

Must Have

4–5 years experience in:

o Operational Risk / Risk Analytics / Compliance

o Preferably in NBFC / fintech / banking

Strong understanding of:

o ORM frameworks (RCSA, KRIs, incident management)

o Data privacy principles & DPDP requirements

Experience in policy drafting and control frameworks

Good to Have

Exposure to:

o Digital lending ecosystem

o Data governance / data lineage tools

o Risk analytics / SQL / Python

Experience with regulatory audits (RBI, internal audit)

Key Competencies

Structured problem-solving

Strong stakeholder management

Attention to detail (critical for compliance roles)

Ability to translate regulation → practical implementation

Success Metrics (KRAs)

Timely completion of RCSA & KRI monitoring

Successful DPDP implementation across systems & processes

Reduction in operational incidents / control gaps

Zero major audit / regulatory observations

Strong data governance and privacy compliance posture

Why Join Us

Opportunity to build end-to-end ORM + data privacy framework

Work at intersection of risk, technology, and regulation

High visibility role with leadership exposure

Work Location: In person

Quick apply

Jobseeker tools

Employer Tools

Browse

Stay Connected