Senior Manager - Data Governance

Role Purpose: Data Governance Specialist will co-ordinate, embed and monitor data protection and compliance in accordance with SBI card policies and procedures and applicable regulations. Individual in this position is to assist Data Governance & TPR Management Lead in formation and implementation of data governance framework, policy, and standards. Should also be responsible for conducting Data security audits / assessments at the vendor locations falling under his/her scope.

Role Accountability

1. Evaluating the effectiveness of the Data security controls in business process, conducting on-site audits, including reviewing documents, observing processes, and testing controls.
2. Preparing audit reports that clearly articulate findings and recommendations for improvement.
3. Identifying and define Critical Data Elements (CDEs), Business Term, Business Rules, Data Sets, Data Attribute, Classifications, Report Attribute etc. within business operation process
4. Manage control structures within a simple environment to ensure accuracy, integrity, and quality of data through all upstream and downstream data channels.
5. Conduct Data security specific risk assessments/testing from information security perspective using ISO27001, PCI-DSS, UIDAI and RBI framework to meet the organization standards & policy requirement.
6. Ensure that the Data Security risks are identified, recorded, reported, and managed properly throughout the lifecycle of Risk Management framework.
7. Drive and Track remediation of Risk, further perform remediation testing.
8. Partner with business stakeholders across the company to raise awareness of information security, Data protection & risk management concerns.
9. Monitor and report on data governance compliance, identifying and addressing any non-compliant areas.
10. Act as a subject matter expert to assist the business in identifying and mitigating data security /exposure risks on their vendor relationships.
11. Supports the reporting of Key Performance Indicators (KPIs), metrics and other management needs.
12. Continuously review and improve data governance processes and procedures to ensure they are up-to-date and effective.

Stakeholder/Vendor Management

1. Effectively manage cross-functional internal team third-party vendors for Data Governance Program
2. Maintain relationship with IT, Business Teams and Suppliers (Third Parties) to ensure control effectives across environment

Functional areas

1. Risk Management & Governance, IT Management and Business Functions
2. Stakeholders: IT Teams, Business Operations Team, Third Party/Suppliers

Measures of Success

1. Successful number of Data Security Assessment/Audit completed for Vendor location
2. Increase in maturity of vendor risk Programs (Adoption & Capabilities).
3. Development and maturity of the Data Security and Third-Party risk profiling of SBI Card
4. Successful completion of data governance related projects & Initiatives within the budgeted timeline and cost
5. Delivery of project plans, milestone updates, presentations, assessment reports and communications to senior management and other relevant stakeholders

Technical Skills / Experience / Certifications

1. Overall Experience: 8-10 Years and Relevant Team handling/domain Experience: 5-7 Years.
2. In-depth knowledge of the data governance industry best practices, business and technology issues related to management of enterprise data assets and approaches related to data protection.
3. Strong experience of regulator mandated programs with complex coordination requirements
4. Experience in a Data related field (Data Management, Records Management, Data Privacy, Information Security).
5. Understand Data Security and Governance controls are inline to standards & frameworks such as DAMA, EDMC
6. PCI-DSS, ISO27001 & audit experience. Strong ability to devise, drive and implement standard processes and best practices (both from a security and risk perspective) for all the suppliers.
7. Ability to collaborate, challenge and influence peers. Passion for project-based execution and process improvement.
8. Good Documentation, Communication, presentation, interpersonal Skills
9. Well versed with key Data Security risks and mitigations (technology and manual) around database integrations & implementations
10. Demonstrated ability to excel both independently and as a team member in a lively, collaborative environment.
11. Excellent written and verbal communications skills with a demonstrated ability to make difficult concepts easy to understand.
12. Industry-standard certifications such DCPP (DSCI Certified Privacy Professional), DSCI Certified Privacy Lead Assessor (DCPLA), CIPP/E etc.
13. Experience managing Data Privacy/Security service providers/supplier relationships.

Competencies critical to the role

1. Demonstrate skills to achieve stated objectives.
2. Demonstrate communication skills to address different audiences.
3. Demonstrate self-starter with ability to gain required knowledge in dynamic environments and remain up to date on cutting-edge technologies.
4. Demonstrate teamwork & collaboration.
5. Demonstrate analytical, troubleshooting, and problem-solving skills.

Qualification

Bachelor’s Degree in a related area such as Computer Science or Information Technology or B. Tech

Preferred Industry

BFSI / NBFC /E-commerce/IT & ITES / Telecom