GRC&DataPrivacyAnalyst

**This role is for one of the Weekday's clients ** Min Experience: 4 years Location: Telangana JobType: full-time We are looking for a detail-focused **GRC & Data Privacy Analyst** to become a member of our security team. In this position, you will oversee the upkeep of our integrated risk management framework and play a key role in executing and auditing our data privacy program. You will ensure that our operations comply with international regulations (such as GDPR, PDPA, etc.) while identifying and addressing risks throughout the organization. **Requirements** ### **Key Responsibilities** ### **Governance & Risk Management** * **Framework Alignment:** Oversee and enhance the organization’s security framework, including standards such as ISO 27001, SOC 2, and Singapore MAS. * **Risk Assessments:** Perform annual and project-specific risk assessments; maintain the Corporate Risk Register and monitor remediation activities. * **Policy Management:** Create, review, and update internal security policies and standards to ensure they accurately represent current business practices. * **Third-Party Risk Management (TPRM):** Assess the security posture of vendors and partners through thorough assessments and due diligence processes. ### **Data Privacy Implementation** * **Privacy Impact Assessments (PIAs/DPIAs):** Lead evaluations of new products or processes to ensure "Privacy by Design" is embedded within the development lifecycle. * **Data Mapping:** Maintain detailed records of processing activities (ROPA) and create data flow diagrams. * **Privacy Operations:** Oversee the Data Subject Access Request (DSAR) process and manage responses to privacy-related inquiries. * **Compliance Monitoring:** Keep track of global privacy law changes and translate these into actionable technical or procedural requirements for IT and Product teams. ### **Compliance & Auditing** * **Internal Audits:** Conduct regular control testing to confirm ongoing adherence to internal policies and