Job Description: Data Privacy Auditor (GDPR)
Location: Pune
Contract: 6 Months (Possible Full-Time Hire)
Urgent Requirement
We are looking for an experienced Data Privacy Auditor with strong expertise in GDPR and Information Security Compliance. The candidate will be responsible for conducting comprehensive audits across applications, APIs, and IT infrastructure to ensure adherence to regulatory standards and internal security policies.
Key Responsibilities
- Conduct end-to-end security and privacy compliance audits for applications, APIs, and supporting infrastructure.
- Evaluate system configurations, access controls, encryption mechanisms, data flows, and hosting environments.
- Review SDLC processes, secure coding practices, and change management workflows.
- Assess compliance with key standards including GDPR, ISO 27001, NIST, NESA, PCI-DSS, and internal IS policies.
- Identify control weaknesses, non-compliance areas, and potential risks.
- Prepare detailed audit reports with findings, risk ratings, and recommended corrective actions.
- Provide clear, prioritized remediation guidance to technical and business teams.
- Collaborate with IT, development, and application owners to validate observations and drive resolution.
- Track remediation progress and ensure closure of action items with all stakeholders.