Experience Level Lead Skills Good communication skills are mandatory as it's a client facing role. Preference is for candidates with atleast some lifesciences & pharma experience. Job DescriptionKEY RESPONSIBLIITIESCore DPO / Privacy Operations: • Serve as acting or virtual DPO for multiple client organizations. • Own and maintain Records of Processing Activities (RoPA), Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), data flow maps, and transfer registers. • Advise on lawful basis, consent, and data minimization practices. • Design and run privacy governance models for clients. Regulatory Compliance: Job Description • Ensure compliance with GDPR / UK GDPR, CCPA / CPRA, HIPAA (where applicable), and India DPDP Act. • Monitor regulatory changes and proactively advise clients. • Support audits, inspections, and regulator inquiries. Third-Party & Vendor Privacy: • Review and approve vendors, sub-processors, and data transfers. • Perform privacy risk assessments for CROs, SaaS vendors, labs, and partners. • Support SCCs, TIAs, and cross-border transfer mechanisms. Incident & Breach Management: • Support breach assessment, impact analysis, notification obligations, and regulator communications. • Coordinate with legal, security, and executive teams during incidents. Client Advisory & Enablement: • Act as a trusted advisor to client leadership (Legal, IT, Security, Clinical, Compliance). • Provide training, awareness, and guidance to client teams. • Translate regulatory requirements into practical operational actions. Internal Contribution: • Help develop reusable privacy accelerators, templates, and operating models. • Contribute to sales, scoping, and client onboarding for DPO-as-a-Service.QUALIFICATIONS • 7+ years of experience in privacy, data protection, compliance, or risk roles. • Strong hands-on experience with GDPR operationalisation, not just theory. • Experience working with EU, US, and/or Indian regulatory environments. • Prior experience acting as DPO, privacy lead, or equivalent function. • Ability to work with legal, security, IT, quality, and clinical stakeholders. • Strong documentation, analytical, and communication skills. • Comfortable working with multiple clients in a managed services model.Nice-to-Have / Strongly Preferred: • Life sciences, healthcare, or regulated industry experience (biotech, pharma, med-tech, digital health). Job Description • Experience with clinical trial data, patient data, and CRO / sponsor models. • Certifications such as CIPP/E, CIPM, CIPT, ISO 27701 Lead Implementer / Auditor. • Prior consulting or managed services experience
Job Title
Data Privacy Officer