KIOPL Management Solutions India Private Limited will provide best in class services and solutions to our internal stakeholders and clients, drive organization wide process efficiency and transformation, and reflect KKR's global culture and values of teamwork and innovation. The office will contain multifunctional business capabilities and will be integral in furthering the growth and transformation of KKR.

TEAM OVERVIEW

KKR’s Legal & Compliance team is involved in all matters of trading, anti-corruption, conflicts of interest, etc. to protect the firm, our clients and investors, and our reputation. The team advises on compliance, oversight, monitoring, and reporting of the Firm’s trading platform and activities. The Legal & Compliance team drafts and updates KKR’s policies and procedures to ensure accountability for legal and regulatory requirements and adherence to our high ethical standards. The team also provides support for our employees by advising on and creating precautions for personal conflicts matters including social media usage, personal investing, outside business activities, etc.

POSITION SUMMARY

The Data Privacy Counsel will be responsible for ensuring that the firm adheres to all applicable data protection and privacy laws and regulations across the globe. The role involves developing, implementing, and maintaining policies and procedures to safeguard personal data and conducting compliance audits.

ROLES & RESPONSIBILITIES

• Develop, implement, and maintain comprehensive data privacy policies and procedures in line with GDPR and other relevant regulations.
• Conduct training sessions and workshops for employees on data privacy and protection practices.
• Develop and distribute educational materials to raise awareness about data privacy issues.
• Monitor compliance with data privacy policies and procedures.
• Conduct regular audits and assessments to ensure adherence to data protection laws and internal policies.
• Prepare and present compliance reports to senior management and regulatory authorities.
• Develop and maintain an incident response plan for data breaches and privacy incidents.
• Coordinate and manage responses to data breaches, including investigation, remediation, and reporting to regulatory authorities.
• Record data incidents in a compliant manner.
• Manage and oversee processes for handling data subject requests, such as access, rectification, and deletion requests.
• Ensure timely and compliant responses to data subject requests.
• Obtain and document necessary consents in a compliant way.
• Provide expert advice and guidance to the business on data privacy matters and regulatory requirements.
• Collaborate with legal, IT, and other departments to ensure cohesive data privacy practices.
• Coordinate intra-group data transfer agreements.
• Identify and assess data privacy risks related to business activities and third-party relationships.
• Implement risk mitigation strategies and monitor their effectiveness.
• Institute a privacy impact procedure to assess privacy risks in relation to proposed initiatives or arrangements.
• Stay updated on changes to data protection laws and regulations and adjust policies and practices accordingly.
• Foster a culture of continuous improvement in data privacy practices within the organization.
• Review Coupa vendor privacy risk questionnaires (including transfer risk questionnaires).
• Conduct and draft data privacy impact assessments for data processing activities involving service providers.
• Negotiate privacy and cyber terms in vendor agreements (e.g., data processing agreements, data security agreements, and related documentation).
• Maintain records of processing activities.
• Ensure all documentation related to data privacy and protection is up to date and compliant with relevant regulations.

QUALIFICATIONS

• Bachelor’s degree in law or a related field and professional certifications (e.g., CIPP/E, CIPM) is preferred.
• Minimum of 3 - 8 years of experience in data privacy compliance, preferably within the financial services sector.
• In-depth knowledge of GDPR and other relevant data protection laws and regulations across the globe.
• Proven track record in developing and implementing data privacy policies and procedures.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to educate and influence stakeholders at all levels.
• Ability to manage multiple projects and priorities in a fast-paced environment.
• Experience in a private equity or asset management firm.
• Ability to handle sensitive, material non-public and confidential information with discretion.
• Exceptionally detail oriented and analytical.
• Self-motivated and proactive with the ability to work independently under pressure and to tight deadlines.
• Ability to work with teams across various global office locations.
• Proficiency in compliance monitoring tools and software.
• Excellent communication and interpersonal skills.
• Excellent proficiency in Microsoft Excel.
• Displays high intellectual curiosity and innovative mindset.
• Demonstrates highest levels of integrity.
• Focuses on delivering excellence and accountability.
• Strong problem-solving skills and the ability to think strategically.