Global Data Privacy Manager

• Lead, manage and continual improvement of the global data privacy compliance program across all geographies and business units.
• Analyse and interpret complex international privacy laws and regulations including:

• GDPR, UK GDPR, CPRA, PIPEDA, PDPA (Singapore, Malaysia), DPDP, PIPL, and other regional frameworks.
• Requirements around EU/UK cross-border data transfers, including Standard Contractual Clauses (SCCs), UK IDTA, and Transfer Impact Assessments (TIAs).
• Act as the subject matter expert on data privacy for global clients during due diligence, onboarding, audits, and compliance reviews.
• Develop and maintain privacy policies, standards, and procedures aligned with regulatory requirements.
• Conduct and maintain privacy impact assessments (PIAs), legitimate interest assessments (LIAs), data protection impact assessments (DPIAs), vendor risk assessments, and Records of Processing Activities (RoPA) for data operations across departments/ functions, applications, and client data processing.
• Collaborate with solutioning, technology, and delivery teams to implement privacy-by-design in new offerings and enhancements.
• Partner with information security teams to align on data protection controls, encryption, incident response, and breach notification protocols.
• Support incident response teams in managing privacy breaches, including root cause analysis and reporting.
• Respond to Data Subject Access Requests (DSARs), client audits, and regulatory inquiries across jurisdictions.
• Review, negotiate, and advise on privacy-related contractual documents including:

• Data Protection Addendums (DPAs), SCCs, Master Services Agreements (MSAs), and client-specific privacy terms.
• Monitor legal and regulatory updates across operating geographies and provide guidance on proactive compliance.
• Drive awareness and training programs across delivery centres to promote a culture of compliance and accountability.
• Ensure compliance with data retention, minimization, and privacy obligations throughout the information lifecycle.

• Demonstrated ability to interpret and implement multi-jurisdictional privacy laws in real-world operational and client delivery contexts.
• High level of integrity and trustworthiness; able to handle sensitive information with discretion and professionalism.
• Excellent organizational, facilitation, and project management skills—capable of driving complex, cross-functional privacy initiatives.
• Strong written, verbal, and presentation skills with the ability to communicate effectively across technical and non-technical audiences, including senior leadership and clients.
• Collaborative and proactive mindset with a problem-solving orientation and ability to navigate ambiguity in a dynamic, global environment.

• 6 – 9 years of hands-on experience in data privacy, working in a global organization
• Master's degree or equivalent in Information Security, Law, or related field.
• Certifications such as CIPP/E, CIPM, CIPT, or ISO/IEC 27701.
• Experience supporting client-facing teams with privacy documentation, RFPs, and service-level negotiations.
• Familiarity with tools such as OneTrust, Trust Arc, or internal GRC platforms.

Virtusa