Data Privacy- Consultant

About Us:

A leading professional services firm with over 135,000 people working together to deliver value in more than 140 countries by providing deep industry insights in Audit, Tax & Advisory. Recorded over US$20 billion dollars in revenue in 2008. The joint venture office (KGS – KPMG Global Services) of KPMG LLP, KPMG Europe and KPMG India is seeking enthusiastic business strategy professionals to help strategize, develop, and execute future growth plans.

Designation: 

Data Privacy Senior Consultant

Experience: 

Consultant: 3-6 years of experience in data privacy and cyber security

Language:

English

Certifications:

• At least 1 or 2 of the below certifications:
  • CIPT, CIPM, CIPP/E/US
  • ISO 27701 Lead Auditor/Implementor 
  • CISSP
  • CDPSE
  • CDPO
  • DCPP
  • CISM

Skills:

• Excellent Team player
• Excellent communication and presentation skills
• Excellent report writing skills 
• Problem solving skills
• Privacy by Design
• DPIAs
• Data Privacy Incident Management 
• Privacy Impact Analysis
• ISO 27701, PCI-DSS, HIPPA, SOX, GDPR 

Experience

• Experience in international standards and local regulatory requirements related to data privacy and protection e.g. ISO 27701, GDPR, CCPA, ISO 27001, PCI DSS, IT Act/ Personal Data Protection Bill etc.
• Proficient in the following areas of data privacy:
  • Development and review of data privacy and protection strategies
  • Data Protection Impact Assessments 
  • Development of data privacy framework including TOM, policies, procedures, and templates
  • Development & implementation of data privacy processes (e.g. Consent Management, DSAR requests, Data Privacy incident management, etc.)
  • Third-party privacy reviews
  • Audits against ISO 27701, GDPR, CCPA, ISO 27001, PCI DSS, PDPA, etc. 
• Experience in using well-known products related to privacy management, data discovery, data classification/labeling and data security will be an advantage
• Good to have knowledge in following areas related data protection:
  • Data Discovery of structured/unstructured data
  • Data Classification and Labelling
  • Data Security cryptographic controls
  • Data Loss Prevention 
  • Digital Rights Management 
  • Endpoint Security

Responsibilities:

• Execute projects related to data privacy gap assessments/Audits, building strategies, frameworks, solution designs and implementation related to data privacy and protection.
• Be part of project communications involving technology partners and member firms
• Documentation of project deliverables.
• Ensure quality in project deliverables
• Be part of all client presentations.
• Assist PM's and clients in all project management meetings including:
  • Privacy and information security
  • Gap analysis and impact analysis of regulations
  • Status updates
  • Audit / technical assessment reports
• Develop, drive and review data privacy frameworks including TOMs, policies, procedures and templates, that align with data privacy laws and regulations.
• Perform Data Privacy Impact Assessments to identify privacy issues early, reduce privacy risk and cost through corrective actions. 
• Review and maintain the privacy management workflows that enables clients to identify, log, investigate and resolve data privacy-related issues in accordance with industry best practices.
• Deliver quality deliverables to clients along with development of compliance risk assessments.
• Participation in proposition of services to the client (proposal writing)
• Provide privacy, data protection and information security trainings.
• Adhere to project management guidelines
• Adhere to the firm's risk management guidelines.

About Us:

A leading professional services firm with over 135,000 people working together to deliver value in more than 140 countries by providing deep industry insights in Audit, Tax & Advisory. Recorded over US$20 billion dollars in revenue in 2008. The joint venture office (KGS – KPMG Global Services) of KPMG LLP, KPMG Europe and KPMG India is seeking enthusiastic business strategy professionals to help strategize, develop, and execute future growth plans.

Job Requirements:

We are seeking enthusiastic & technically savvy professionals to support the current team with the execution and management of engagements in our current and future Client portfolio.

• Information Security Governance, Privacy and Compliance and Security Assessment experience with a focus on IT and IS Risk Assessments and program reviews / establishment.
• Understanding on ISO 27001/ NIST 800-53/ PCI-DSS
• Interacting with onshore engagements and clients directly performing Vendor or Third-party security assessments
• Business Continuity planning and Disaster Recovery implementation and review experience.
• Perform remote assessments independently.
• Independently write reports of the assessments based on the discussions during remote reviews.
• Perform second level quality review of the reports written by peers/junior resources

Profile:

• 4+ years Information Security Governance, Privacy and Compliance and Security Assessment, experience, with a focus on IT and IS Risk Assessments and program reviews / establishment.
• Familiarity with and demonstrated experience assessing against the BS ISO/IEC/SIG 
• 27002:2005 BS 7799 standard domains, BS 25999 including Risk Assessment; Security policy; Organization of Information Security; Asset Management; HR Security; Physical and Environmental Security; Communications and Operations Management; Access Control; IS Acquisition, Development and Maintenance; IS Incident Management; Business Continuity Management; and Compliance.
• Broad understanding of Information Security trends, services and disciplines and experience applying them in dynamic environments.

Soft Skills:

• Strong client interaction skills, both written and verbal
• Highly Fluent in English – verbal and written

Additional Qualification: 

• Prior consulting experience with big 4 or large clientele is preferable. 
• CISA/ CISSP/ CISM/ CIPP/ ISO 27001 is preferable.

KPMG is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.

About Us:

A leading professional services firm with over 135,000 people working together to deliver value in more than 140 countries by providing deep industry insights in Audit, Tax & Advisory. Recorded over US$20 billion dollars in revenue in 2008. The joint venture office (KGS – KPMG Global Services) of KPMG LLP, KPMG Europe and KPMG India is seeking enthusiastic business strategy professionals to help strategize, develop, and execute future growth plans.

Designation: 

Data Privacy Senior Consultant

Experience: 

Consultant: 3-6 years of experience in data privacy and cyber security

Language:

English

Certifications:

• At least 1 or 2 of the below certifications:
  • CIPT, CIPM, CIPP/E/US
  • ISO 27701 Lead Auditor/Implementor 
  • CISSP
  • CDPSE
  • CDPO
  • DCPP
  • CISM

Skills:

• Excellent Team player
• Excellent communication and presentation skills
• Excellent report writing skills 
• Problem solving skills
• Privacy by Design
• DPIAs
• Data Privacy Incident Management 
• Privacy Impact Analysis
• ISO 27701, PCI-DSS, HIPPA, SOX, GDPR 

Experience

• Experience in international standards and local regulatory requirements related to data privacy and protection e.g. ISO 27701, GDPR, CCPA, ISO 27001, PCI DSS, IT Act/ Personal Data Protection Bill etc.
• Proficient in the following areas of data privacy:
  • Development and review of data privacy and protection strategies
  • Data Protection Impact Assessments 
  • Development of data privacy framework including TOM, policies, procedures, and templates
  • Development & implementation of data privacy processes (e.g. Consent Management, DSAR requests, Data Privacy incident management, etc.)
  • Third-party privacy reviews
  • Audits against ISO 27701, GDPR, CCPA, ISO 27001, PCI DSS, PDPA, etc. 
• Experience in using well-known products related to privacy management, data discovery, data classification/labeling and data security will be an advantage
• Good to have knowledge in following areas related data protection:
  • Data Discovery of structured/unstructured data
  • Data Classification and Labelling
  • Data Security cryptographic controls
  • Data Loss Prevention 
  • Digital Rights Management 
  • Endpoint Security

Responsibilities:

• Execute projects related to data privacy gap assessments/Audits, building strategies, frameworks, solution designs and implementation related to data privacy and protection.
• Be part of project communications involving technology partners and member firms
• Documentation of project deliverables.
• Ensure quality in project deliverables
• Be part of all client presentations.
• Assist PM's and clients in all project management meetings including:
  • Privacy and information security
  • Gap analysis and impact analysis of regulations
  • Status updates
  • Audit / technical assessment reports
• Develop, drive and review data privacy frameworks including TOMs, policies, procedures and templates, that align with data privacy laws and regulations.
• Perform Data Privacy Impact Assessments to identify privacy issues early, reduce privacy risk and cost through corrective actions. 
• Review and maintain the privacy management workflows that enables clients to identify, log, investigate and resolve data privacy-related issues in accordance with industry best practices.
• Deliver quality deliverables to clients along with development of compliance risk assessments.
• Participation in proposition of services to the client (proposal writing)
• Provide privacy, data protection and information security trainings.
• Adhere to project management guidelines
• Adhere to the firm's risk management guidelines.