Data Protection and Information Security Officer

Company Description

The Bosch Group is a leading global supplier of technology and services. It employs roughly 429,000 associates worldwide (as of December 31, 2023). The company generated sales of 91.6 billion euros in 2023. Its operations are divided into four business sectors: Mobility, Industrial Technology, Consumer Goods, and Energy and Building Technology. With its business activities, the company aims to use technology to help shape universal trends such as automation, electrification, digitalization, connectivity, and an orientation to sustainability. In this context, Bosch’s broad footprint across industries and regions strengthens its innovativeness and robustness. Bosch uses its proven expertise in sensor technology, software, and services to offer customers cross-domain solutions from a sole source. It also applies its expertise in connectivity and artificial intelligence to develop and manufacture user-friendly, sustainable products. With technology that is “Invented for life,” Bosch wants to help improve quality of life and conserve natural resources. Read more at https://www.bosch.com/company/#what-we-do

Bosch Global Software Technologies Private Limited (BGSW) is a 100% owned subsidiary of Robert Bosch GmbH. We are one of the world’s leading global suppliers of technology and services, offering end-to-end Engineering, IT, and Business Solutions. With a global footprint and presence in US, Europe, Japan, China, and the Asia Pacific region, we are at the forefront of designing, developing, and executing IoT ecosystems through our all-encompassing capability within the three aspects of IoT – Sensors, Software, and Services. We have always focused on improving the quality of the life of people, providing newer revenue-generating opportunities, and improving operational efficiencies for enterprises through an array of solutions. With our unique ability to offer end-to-end solutions that connect Sensors, Software, and Services, we enable businesses to move from the traditional to digital or improve businesses by introducing a digital element in their products and processes. Learn more at https://www.bosch-softwaretechnologies.com/en/our-company/about-us/

Job Description

The Data Protection and Information Security Officer (DSO) is responsible for the Governance of the Data Protection Management System (DPMS) and Information Security Management System (ISMS) in all organizational units of the Bosch Group in India, Sri Lanka, Bangladesh and Nepal.

Role and responsibilities

1. Recognize the principles, intent, ways, rationales, approaches, ideas and solutions proposed, deliberated and adopted in creating / enacting data protection regimes
2. Comprehend privacy legislative ideas, intent, articles, sections and expectations set by them and their relevance to the organization
3. Assess and estimate impact
4. Set up:
   1. Privacy Program
   2. Data inventory/registry
   3. Recording data processing activities
   4. Governance mechanism
   5. Privacy organization
   6. Grievance handling
   7. Privacy reporting
   8. Monitoring and incident reporting
5. Drive organizational response, contribution, commitments to privacy requirements and obligations (e.g. Training, Awareness campaigns, Board and executive Management Commitment, issuing guidelines, Directives, Policies, Procedures, Seeking conformance and reporting, Assessing preparedness)
6. Operationalizing the Privacy Program including governance
7. Operationalizing the privacy Technology and Architecture
8. Assessing emerging Technology, Digitization impacting Privacy
9. Monitoring and Incident Response

Qualifications

• Fulltime LLB mandatory.
• Experience in people management & global stakeholder management

Key asks of the role:

• Expertise in data privacy laws
• Comprehensive understanding of technologies (solid background in IT, data analysis, data management, data security, data protection tools and techniques). Ability to assess and implement new technologies that enhance the organization’s data protection strategies and compliance efforts.
• Good leadership and communication skills. Coordination ability (varied internal stakeholders across hierarchy and externals like data principals, data protection supervisory authority etc)
• Should be able to explain complex data protection concepts in clear and simple terms and foster a culture of data protection within the organization.
• Sound understanding of business domain and operations.
• Audit and legal skills. Ability to conduct and oversee data protection audits, assessments and identify and mitigate risks or gaps in the organization’s data protection practices.
• Basic knowledge of legal aspects of data protection (e.g. contracts, agreements, disputes) and be able to liaise with legal advisors or representatives when necessary.
• Complex problem-solving – ability to identify, analyze, solve non-routine problems that require high cognitive effort and creativity. Complex problems often involve multiple factors – uncertainties, interdependencies, dynamic changes and they may not have clear or optimal solutions.
• Critical thinking skills essential as they enable assessment of potential risk and vulnerabilities in the organization’s data protection strategies and develop effective solutions for mitigating them and ensuring compliance with applicable data protection laws.
• Emotional intelligence – to help the DPO communicate effectively with different stakeholders (e.g. Data subjects, data processors, joint controllers, data protection board, supervisory authorities and to understand their needs, expectations and perspectives); Handle complex and sensitive data protection issues such as data breaches, complaints, disputes or investigations and to make sound and ethical decisions based on the available information, data and criteria; manage stress, emotions and conflicts that may arise in the course of their work and to maintain a positive and professional attitude and demeanor.

Additional Information

• 15-18 years of post qualification experience as per the above description.