Legal & Compliance - Data Privacy - Head

Posted:
10/17/2024, 12:20:43 AM

Location(s):
Gurgaon, Haryana, India ⋅ Haryana, India

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
Legal & Compliance

COMPANY OVERVIEW

KKR & Co. Inc., together with its subsidiaries, is a leading global investment firm that offers alternative asset management and capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of The Global Atlantic Financial Group. 

TEAM OVERVIEW

KKR’s Legal & Compliance team is integral to all matters pertaining to trading, anti-corruption, conflicts of interest, etc., to protect the firm, our clients and investors, and our reputation. The team advises on agreements, fund related aspects, compliance, oversight, monitoring, and reporting of the firm’s trading platform and all activities. Additionally, the Legal & Compliance team drafts and updates KKR’s policies and procedures to ensure accountability for legal and regulatory requirements and adherence to our high ethical standards. The team provides support to KKR employees by advising on and creating precautions for personal conflicts matters including social media usage, personal investing, outside business activities, etc.

 POSITION SUMMARY

The Head of Privacy will be responsible for ensuring that the firm adheres to all applicable data protection and privacy laws and regulations across the globe. The role involves developing, implementing, and maintaining policies and procedures to safeguard personal data, conducting compliance audits, and serving as the point of contact for data protection authorities.

KEY RESPONSIBILITIES

  • Develop, implement, and maintain comprehensive policies and procedures in line with GDPR and other relevant regulations.
  • Ensure all data processing activities comply with applicable data protection laws and internal policies.
  • Develop and implement the privacy compliance program including providing requirements for new data uses, cross border data transfers, data subject rights, incident preparedness and response and privacy risk management.
  • Foster a culture of continuous improvement in data privacy practices within the organization.
  • Coordinate and manage responses to data breaches, including investigation, remediation, and reporting to regulatory authorities.
  • Coordinate ongoing activities as well as performing internal reviews, audits, and assessments to ensure adherence to data protection laws and internal policies.
  • Prepare and present compliance reports and updates to senior management and regulatory authorities.
  • Develop and maintain an incident response plan for data breaches and privacy incidents.
  • Manage, respond, and oversee processes for handling data subject requests, such as access, rectification, and deletion requests.
  • Serve as the primary point of contact for data protection authorities and other regulatory bodies.
  • Provide expert advice and guidance to the business on data privacy matters and regulatory requirements.
  • Collaborate with internal stakeholders to ensure cohesive data privacy practices are developed and maintained.
  • Identify and assess data privacy risks related to business activities and third-party relationships.
  • Implement risk mitigation strategies and monitor their effectiveness.
  • Stay updated on changes to data protection laws and regulations and adjust policies and practices accordingly.
  • Review vendor privacy risk questionnaires.
  • To deploy practices of privacy by design and default within KKR.
  • Conduct privacy impact assessments.
  • Collaborate with various (internal and external) stakeholders to negotiate privacy and cyber terms in vendor agreements (e.g., data processing agreements, data security agreements, data transfer agreements and related documentation).
  • Maintain records of processing activities and map flow of data for vendors, employees, and other third parties.
  • Ensure all documentation related to data privacy and protection is up to date and compliant with relevant regulations.
  • Develop and distribute educational materials to raise awareness about data privacy issues.
  • Conduct training sessions and workshops for employees on data privacy and protection practices.

QUALIFICATIONS

  • Bachelor’s degree in law from a reputed law school, Information Technology, Business, or a related field. A master’s degree or professional certifications (e.g., CIPP/E, CIPM) is preferred.
  • Minimum of 10 years of experience in data privacy compliance, preferably within the financial services sector and in-depth knowledge of U.S. and EU privacy laws- including GDPR and CCPA, etc.
  • In-depth knowledge of GDPR and other relevant data protection laws and regulations across the globe.
  • Excellent proficiency in Microsoft office (including Microsoft Excel).

ATTRIBUTES

  • Proven track record in developing and implementing data privacy policies and procedures.
  • Strong problem-solving skills and the ability to think strategically.
  • Excellent communication and interpersonal skills, with the ability to educate and influence stakeholders at all levels.
  • Ability to independently manage multiple projects and priorities in a fast-paced environment.
  • Experience in a private equity or asset management firm shall be preferred.
  • Ability to handle sensitive, material non-public and confidential information with discretion.
  • Exceptionally detail oriented and analytical.
  • Self-motivated and proactive with the ability to work independently under pressure and to tight deadlines.
  • Ability to work with teams across various global office locations.
  • Proficiency in compliance monitoring tools and software.
  • Excellent communication and interpersonal skills.
  • Excellent proficiency in Microsoft Excel.
  • Displays high intellectual curiosity and innovative mindset.
  • Demonstrates highest levels of integrity.
  • Focuses on delivering excellence and accountability.

 

 

#LI-Onsite

KKR is an equal opportunity employer.  Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.