Find us on LinkedIn too 👉
MUFG Pension & Market Services logo

Data Privacy Officer

MUFG Pension & Market Services
15 days ago
Full-time
On-site
Mumbai, Maharashtra, India
Data Privacy

Overview

At MUFG Pension & Market Services India Private Limited (“MPMS”) we are committed to ensuring that all of personal data is protected and that our work complies with applicable data protection regulation, including Digital Personal Data Protection Act, 2023 (“DPDPA”). legislation. We are seeking a Data Privacy Officer (“DPO”) responsible for ensuring compliance with DPDPA and other applicable data protection regulations. The DPO will oversee and drive compliance to the privacy framework for India legal entities of MPMS and have the following responsibilities. 
  • Advise on obligations, risks, and issues related to personal data protection, privacy matters ensuring clear interpretation and application of the regulatory requirements.
  • Implement and oversee a sustainable privacy framework—covering policies, processes, controls, and reporting mechanisms—to ensure full compliance with the DPDPA and all other applicable data protection regulations. Proactively assess, incorporate, and manage regulatory or organizational changes that may impact privacy.
  • Lead a dedicated program delivery for the India legal entities to help teams implement the DPDP act requirements and meet compliance as defined in the Act itself.
  • Develop and maintain comprehensive records of processing activities, data inventories, and data flow diagrams (DFDs) to support transparency and compliance.
  • Conduct Data Privacy Impact Assessments (DPIAs) to identify potential privacy risks and recommend effective mitigation strategies.
  • Establish, implement, and govern vendor privacy management practices, ensuring all vendor and third party contracts comply with DPDPA requirements and organizational policies.
  • Deliver periodic training and awareness programs, promoting a strong culture of privacy, accountability, and compliance across the organization.
  • Serve as the primary point of contact between MPMS, regulatory authorities, and individuals exercising their data protection rights, ensuring timely and compliant responses and the requirements are translated back to the senior management team
  • Develop privacy metrics and dashboards to support effective monitoring, reporting, and decision making for relevant stakeholders and governance committees.
  • Stay abreast with Data Protection of India (DPB) developments in data protection laws, regulatory trends, and industry best practices.
Key Accountabilities and main responsibilities
Strategic Focus 
  • Shaping a privacy centric mindset across all levels in MPMS and embedding privacy by design concepts.
  • Champion personal data processing in accordance with India data privacy and data protection laws.  
  • Assist leadership to treat privacy as a strategic business enabler.
Operational Management
  • Report on privacy compliance and regulatory developments to management, relevant committees, and the Board, ensuring timely visibility of key risks and obligations.
  • Work collaboratively with Line 1, BU Champions, and other stakeholders to embed an effective and sustainable privacy risk culture across the business.
  • Maintain strong working relationships with internal and external stakeholders, including regulators, auditors, and industry bodies, to support ongoing compliance and alignment with best practices.
  • Support the organization in upholding the privacy rights of members and data subjects through effective processes, controls, and timely responses.
  • Advise the business on the need for Data Privacy Impact Assessments (DPIAs), guide their implementation, and ensure outcomes are appropriately addressed.
  • Provide timely, accurate, and practical advice to staff on privacy compliance, regulatory expectations, and operational matters.
  • Ensure full adherence to legal and regulatory requirements, promoting good conduct and safeguarding the reputation of MPMS through consistent and compliant business practices.
People Leadership 
  • Drive privacy accountability across business units by coaching, guiding, and influencing stakeholders at all levels to adopt privacy by design principles.
  • Strengthen internal expertise by delivering targeted training, mentoring BU privacy champions, and enabling teams to independently manage privacy obligations.
  • Promote open communication, responsible data-handling behaviours, and a mindset of collective ownership of privacy across the organization.
Risk & Governance
  • Define and oversee governance structures, policies, controls, and reporting to ensure compliance with DPDPA and other regulatory requirements.
  • Lead DPIAs, vendor risk assessments, data flow evaluations, and risk remediation to minimize legal, operational, and reputational exposure.
  • Provide timely visibility of privacy risks to senior leadership and committees, ensure compliance documentation is audit ready, and maintain strong regulatory engagement.
The above list of key accountabilities is not an exhaustive list and may change from time-to-time based on business needs.

 
Experience & Personal Attributes
  • Bachelor’s degree in any disciple. 
  • Specialized certifications in Data Privacy are highly desirable, such as CIPP/E, CIPM, CIPT, CDPSE etc 
  • 10+ years of overall professional experience, including 5 years of dedicated expertise in Data Privacy.
  • Demonstrated ability to design, implement, and manage privacy frameworks, policies, standards, and operational procedures across complex and dynamic business environments.
  • Strong understanding of applicable privacy laws and regulations, with the ability to interpret requirements, monitor compliance, and guide the organization through evolving regulatory expectations.
  • Proven expertise in assessing and managing privacy risks, advising on mitigation strategies, and conducting Data Protection Impact Assessments (DPIAs). Experienced in designing data flow diagrams, defining data inventories, and operationalizing processes for privacy breaches, data principal rights, consent management, and notices for consent.
  • Skilled in developing and delivering data privacy training and awareness programs, fostering a strong and sustainable privacy culture across the organization.
  • Experienced in compiling, analysing, and reporting privacy compliance metrics and regulatory developments to senior management and governance committees.
  • Strong influencing, advisory, and decision making skills, with the ability to guide business leaders on privacy risks, compliance obligations, and regulatory matters.
  • Ability to identify, analyse, and assess the impact of emerging privacy regulations and translate them into actionable business requirements.
  • Prior experience working within large, global organizations, with a solid understanding of cross border data flows, operational complexities, and matrixed governance structures.
  • Knowledge of leveraging digital technologies and automation to enhance privacy operations, reporting efficiency, and overall business outcomes.
  • Demonstrated capability and motivation to embrace new technologies, tools, and modern ways of working to drive continuous improvement in privacy management.

 

MUFG Pension & Market Services is a global, digitally enabled business that empowers a brighter future by connecting millions of people with their assets – safely, securely and responsibly. 

Through our two businesses MUFG Retirement Solutions and MUFG Corporate Markets, we partner with a diversified portfolio of global clients to provide robust, efficient and scalable services, purpose-built solutions and modern technology platforms that deliver world class outcomes and experiences. 

A member of MUFG, a global financial group, we help manage regulatory complexity, improve data management and connect people with their assets, through exceptional user experience that leverages the expertise of our people combined with scalable technology, digital connectivity and data insights.


MUFG Investor Services provides asset servicing solutions to the global investment management industry. Leveraging the financial and intellectual capital of MUFG - one of the largest banks in the world. We provide clients access to a range of leading solutions from fund administration, middle-office outsourcing, custody, foreign exchange, fund of hedge fund financing, trustee services and depositary to securities lending and other banking services.
In Investor Services business, we are building a dynamic, client-focused, caring, and inclusive culture based on entrepreneurial spirit, effective risk management, empathy, and trust, underpinned by core values. We work collaboratively, supporting and valuing the talents and perspectives of our people, and promoting a flexible work environment where their wellbeing is prioritized. We believe diversity drives better client outcomes, improvement, and growth. 
Be part of the MUFG Investor Services’ journey and together we will achieve our full potential. Candidates must have the relevant work rights. Successful applicants must complete background screening before employment.