Data Security Manager
Shoppers Stop
Job Description
About the Company Develop and implement comprehensive data security policies and procedures that address the unique requirements of both brick-and-mortar and online retail operations. Ensure adherence to regulatory standards such as the DPDPA of India and other relevant laws governing data protection in India. About the Role Conduct regular risk assessments to identify potential vulnerabilities and threats to data security in both physical and digital environments.
Develop and implement strategies to mitigate risks and strengthen security measures across all business channels. Responsibilities Implement advanced monitoring tools and processes to detect and respond to security incidents promptly. Lead incident response efforts to minimize the impact of security breaches or data leaks, coordinating with relevant teams to ensure swift resolution and compliance with regulatory reporting requirements.
Develop and deliver data security awareness training programs for employees across all business channels. Foster a culture of security consciousness and compliance with data security policies and procedures among staff members, including those involved in brick-and-mortar store operations and online platform management. Evaluate the security practices of third-party vendors and partners involved in supporting both brick-and-mortar and online business activities.
Establish criteria for vendor selection and monitor compliance with security requirements to mitigate the risks associated with outsourcing in a retail environment. Stay informed about evolving data protection laws and regulations in India, ensuring ongoing compliance with applicable requirements for both physical and digital retail operations. Collaborate with legal and compliance teams to address regulatory changes and implement necessary adjustments to data security measures.
Coordinate and participate in security audits and assessments conducted internally or by external auditors. Implement corrective actions to address any identified security gaps or non-compliance issues, with a focus on enhancing security posture across all business channels. Identify Data Protection Tools being used in enterprise space such as forcepoint, Mcaffe etc.
Conduct extensive testing and POC and select and deploy security tools and technologies to ensure the confidentiality, integrity, and availability of customer data in physical and digital environments. Qualifications Bachelor's degree in Computer Science, Information Technology, or related field. Advanced degree or certifications in information security (e.g., CISSP, CISM) preferred.
Proven experience 10 plus years in a similar role, with a focus on data security and privacy management in retail environments encompassing both brick-and-mortar and online channels. Deep understanding of data security principles, practices, technologies, and standards, with knowledge of India-specific regulatory requirements for data protection. Experience in conducting risk assessments, security audits, and incident response procedures in multi-channel retail settings.
Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and external stakeholders. Strong analytical mindset with attention to detail and the ability to solve complex problems in a dynamic retail environment. Required Skills Data security and privacy management Risk assessment and mitigation Incident response Security audits Vendor risk management Preferred Skills Advanced certifications in information security Experience with data protection tools