Associate Director | Not Applicable | Mumbai | OGC/Legal

Qualifications · A degree in law or membership of the Institute of Company Secretaries of India or Institute of Cost Accountants of India or the Institute of Chartered Accountants of India. · Preferably, graduation or diploma in Science, IT or engineering. · Certifications such as IAPP, DCPP, ISO 27001:2022 preferred., · Working knowledge of data privacy frameworks such as NIST, ISO 27701:2019 is preferred. Work Experience · Minimum 10-12 years of post-qualification experience with extensive experience in implementing data privacy processes and practices in large organisations. · Experience in drafting and reviewing privacy policies and practices and undertaking privacy impact assessment. · Good conceptual understanding Digital Personal Data Protection Act, 2023 and other sectoral laws, foreign data protection laws and regulations (e.g., GDPR), their nuances, challenges and risk -based solutions to address them. · Experience with privacy by design concepts and working with client-facing and in-house support teams to integrate privacy compliance into process, systems and people practices. · Working knowledge of how IT applications, infrastructure and architecture can be adapted to manage and reduce data privacy risk. · Experience in drafting and reviewing Data Protection and Data Transfer Agreements between EU and non-EU entities. · Experience in dealing with external regulatory authorities, preferably on privacy matters. · Drive, initiative and leadership skills. Skills and Capabilities · Ability to interact with senior professionals - articulate with clarity and confidence. · Self-motivated, team-player, drive to lead and complete projects in a timely manner in a complex environment. · Ability to quickly adapt to Deloitte's culture and way of working, appreciation of business policies and processes while providing implementable privacy solutions. · Solid analytical skills, ability to apply these to practical situations, and a solution-oriented, pragmatic approach to balance risk and reward. The following are important, among others: o Risk spotting ability – the candidate must be able to quickly assess the risk areas and recommend ways of mitigating or managing them. o Strong analytical skills - should be able to use judgment, analyse facts and draw logical conclusions. o Risk mitigation – problem solver attitude, and quick-thinking ability and resourcefulness in finding approaches to manage or mitigate identified risks.

Deloitte's global principles of business conduct Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited ("DTTL"), its global network of member firms, and their related entities (collectively, the "Deloitte organization"). DTTL (also referred to as "Deloitte Global") and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. © 2025. For information, contact Deloitte Global.