Job Description
PositionSenior Manager – Internal Controls
Incumbent
- DepartmentInternal ControlsFunctionOperationsReporting toVP- Internal Controls (Band 3a)Band4aLocation90 C Udyog Vihar GurgaonTeam size (D/I)
I
JOB SUMMARY
The role involves strategizing, implementing overseeing comprehensive data privacy initiatives to safeguard sensitive data and promote culture of privacy within organization. This will require candidate to work closely with stakeholders in different teams such as Data Privacy, Operations, Underwriting, Digital, Legal, Risk, other functional owners responsible for data processing for effective implementation of privacy initiatives. Providing independent and effective assurance to SLOD for privacy controls in order to protect assets and be compliance to Act and guidelines.
Own and program manage spurious call agenda for the organization; wherein, the candidate is expected to work with closely all relevant stakeholders including operations, marketing, internal investigation team, technology team, Legal team and all relevant support function within the organization to enhance the risk posture on the mentioned agenda.
KEY RESPONSIBILITIES
Data Classification Risk Assessment
- Identify, classify, categorize regular monitoring of sensitive and personal data within the organization
- Support enterprise initiatives like Data anonymization, masking etc
Compliance Monitoring
- Support in ensuring compliance with Data Privacy laws and regulations
- Plan, prepare and coordinate Data Privacy reviews with stakeholders
- Remediation and governance of action plan and closure of remediation within applicable timelines
- Annually review Data Flow Diagram (DFD) and Record of Processing activities( RoPA). Responsible for creating RoPA and DFD for new process
- Assist in conducting DPIA for new processing activities update for existing activities
- Responsible for annual compliance and Privacy COMS tasks
Data Subject Rights Management
- Monitor and assist with Data principal requests (Access/ Correction/Deletion/ Nominate)
Vendor 3rd party management
- Responsible in 3rd party risk assessment and ensure vendors are adhering to standards laid by AMLI
- Review and assess third-party privacy practices to ensure data shared externally is protected
Training Awareness
- Drive privacy related training to employees and vendor at all levels to enhance awareness and understanding.
Spurious Call Management
Program manage Spurious Call Agenda by working closely with all relevant stakeholders
Drive awareness agenda with the customer basis the learnings emanating
Perform assessment with respect to Segregation of Duties (SOD) and Access Control management
Drive periodic engagement with the leadership on Spurious Call matters
SKILLS
Analytical and problem solving skills
Large project program management
Strong written and verbal communication skills
High work ethics and ability to partner with different stakeholders
Strong influencing, networking and advisory skills
Ability to balance business objectives with privacy requirements.
Proficient in collaborating across diverse teams, Businesses and functions.
Detail-oriented and capable of handling sensitive information with discretion
Measures of Success
Timely closure of all gaps emanating from assessments
Accuracy and complete visibility and traceability of data flow in organization
Privacy Risk culture awareness and adoption across the function
Reduction in spurious call
Timely consequent management and closure of cases investigated
Knowledge of Data Privacy laws and regulations
- Having 4-5yrs+ experience in Data Privacy Ops
- Detailed knowledge of operational processes in Life insurance industry
Experience in privacy tools, data protection practices would be added advantage
- Proven experience in a senior data privacy or compliance role, preferably in a complex organizational setting
