BIGID
Anshul Kumar Singh
Data Privacy Professional
Noida
Summary
Certified Data Privacy Professional with over 12 years of experience driving compliance with global data protection and privacy regulations including GDPR, CCPA, POPIA, LGPD, DPDPA, and HIPAA. Demonstrated success in implementing enterprise privacy frameworks, conducting comprehensive risk assessments, leading internal and external audits, and advising cross-functional teams on privacy best practices. Skilled at bridging legal, IT, and business domains to align privacy strategies with organizational goals and regulatory requirements. Adept at developing and sustaining privacy operations, supporting business transformation and transition initiatives, and embedding privacy-by-design principles into enterprise resilience strategies. Seeking to leverage deep regulatory expertise and operational insight to strengthen privacy programs and ensure data protection excellence in dynamic organizational environments.
Overview
13
13
years of professional experience
5
5
years of post-secondary education
5
5
Certifications
Work History
Manager
Deloitte Touche Tohmatsu
04.2022 - Current
- Managing the Data Privacy Forte within the Cyber Risk Advisory domain of Deloitte India
- Experienced in Data Protection Impact Assessments (DPIAs) for new business initiatives and third-party integrations.
- Conducted a comprehensive Privacy Program and assisted the client with the Readiness Framework on regulatory compliance like GDPR, CCPA, POPIA, DPDP Act, HIPAA, etc
- Developed test plans and strategies to evaluate Privacy by Design like Data Masking on Critical and Sensitive Data across various systems and processes
- Assessing the client's infra and creating the the required policies & procedures, basis the regulatory compliance
- Oversaw third-party data processing agreements and vendor due diligence reviews.
- Handled and resolved complex DSARs and consumer complaints in compliance with legal timeframes.
- Assist in the Implementation of Alliances preferably Klassify, Microsoft E3, BigID on the different ecosystems, integrating with various Data visualization & Data Masking tools like Delphix, and Collabra
- Experience in developing policies, processes, and guidelines aligned with industry standards
- Managing the Team of 10pax and supported the business with overall Operations management, YTD utilization
- Implemented resilience management frameworks to ensure business continuity and disaster recovery capabilities
- Preparation of the Policies, Procedures, Data Flow Diagrams (DFDs) at Functional & Technical Levels
- Implemented automated tools to streamline consent management and overall Privacy controls
- Performing the key role in the management of Engagement Financials and Engagement Codes with the Leadership of APAC & EMEA
- Prepare a Remediation Plan/Implementation Roadmap to cover up all observed areas that help in providing the Phased-Wise approach for mitigating the risks & threats
- Developed and implemented enterprise risk management frameworks to identify, assess, and mitigate risks across the organization
- Supported regulatory inquiries and maintained records of processing activities (RoPAs).'
- Assisting APAC lead on Binding Corporate Rules (BCRs) for Personal data processing and Data flow documentation for Controller and Processor responsibility under Nature, Purpose, and Extent of Data processing (within & outside EU)
- Developed and maintained resilience plans and procedures to address potential threats and disruptions
- Delivered ongoing privacy training to business stakeholders across departments.
Deputy Manager
HCL Technologies Ltd.
12.2020 - 04.2022
- Developed and implemented enterprise risk management frameworks to identify, assess, and mitigate risks across the organization.
- Develop and maintain an effective incident response plan for data breaches/privacy incidents or privacy incidents.
- Develop policies and procedures for Data Privacy Impact Assessment, Privacy Incidents, third-party privacy framework, Breach management procedures & data privacy governance structure.
- Assisting APAC lead on Binding Corporate Rules (BCRs) for Personal data processing and Data flow documentation for Controller and Processor responsibility under Nature, Purpose, and Extent of Data processing (within & outside EU)
- Developed and maintained resilience plans and procedures to address potential threats and disruptions.
- Established key risk indicators (KRIs) and risk appetite frameworks to monitor and report on risk exposure to senior management and the board of directors.
- Conducted Business Impact Analysis as a part of a recovery strategy to ensure periodic Business Continuity Management and Disaster Recovery (BCP/DR).
Supervising Associate
Ernst & Young (EY)
02.2017 - 12.2020
- Maintaining the complete service line of engagement i.e., Planning, Progression, Execution & Remediation.
- Articulate key risks in business processes, assess control design, and advise business owners on control improvements over financial reporting.
- Collaborate with External stakeholders, Consultants, and corporate team to understand the nature of the ask and work accordingly.
- Conducted Business Impact Analysis as a part of a recovery strategy to ensure periodic Business Continuity Management and Disaster Recovery (BCP/DR).
- Prepared & reviewed daily exception reports; researched and resolved exceptions under the Risk Management domain.
- Identify opportunities for improving third-party risk posture as well as EY third-party risk management processes, including expanded monitoring, KRI tracking, etc.
Sr. Financial Analyst
American Express
03.2013 - 06.2016
- Reconciled inventory and performed weekly trend analysis for cycle counting, to avoid a physical inventory count.
- Engage with the TP Information Risk Managers (TPRM), in developing the Wholesale (CIB, AM, and CB) and Firmwide Critical Supplier portfolio Book of Work
- Budget Allocation - Preparation of Fund Flow & Cash Flow Statement for deviation between Actual & Budgeted.
- Performing Stat on a fortnightly basis to GAP analysis and reconciliation.
- Nominated for end Project of M&A between AMERICAN EXPRESS with GLOBAL BUSINESS TRAVEL (GBT), differentiating the Entity to be used in both the business units.
- In 2015, Nominated for 2nd Project in line for rollover of GBT to NEWCO and successfully implemented all the norms of Control Testing
GWIM - Senior Financial Analyst
Bank of America
01.2012 - 02.2013
- Managing the Account Opening Program Bank of America (BOA) Clients in the Global Wealth & Investment Management department.
- Analyzed the information mentioned over the scanned documents in the Virtual Stations, designed with the workflow timings of the U.S. particularly.
- Responsible for the research of the information related to the account opening scanned over the document should match up with information generated in the KD screens.
- Providing approvals for the various traits {Like Power of Attorney (POA), Transfer on Death (TOD), and Letter of Authorization (LOA) on every requested Acct.
Education
MBA - FINANCE
Sikkim Manipal University
01.2012 - 01.2014
B. Com Programme - undefined
Hansraj College
01.2008 - 01.2011
Class XII - Commerce
A.S.N School
Skills
Data Protection & Compliance (GDPR, CCPA, HIPAA, etc)
Privacy Impact Assessments (PIAs & DPIAs)
Data Subject Access Requests (DSARs)
Privacy Policies & Program Development
Vendor Risk Management
Records Retention & Data Classification
Incident Response & Breach Notification
Privacy Training & Awareness Campaigns
Legal and Regulatory Research
Cross-functional Team Collaboration
Major Certifications
- Microsoft Certified: Information Protection Administrator Associate (SC-400),
- CIPP/E
- Certified ISO27001:2022
- Data Protection & Privacy Compliance (DPDPA, GDPR, LGPD, ISO27001, CCPA)
- Network Security (Checkpoint, Palo Alto, Fortinet, Cisco)
- Machine Learning - Data Classification
- ISO27701: 2019 PIMS Lead Implementer
- One Trust Certified - DSARs, Consent Management, Assessment Automation, 03rd Party Risk, Data Discovery
Software
One Trust Modules (DSARs, Consent Management, 03rd Party Risk & Assessment Automation)
Thales KMS
Microsoft AIP (E3 & E5)
Klassify
Palo Alto
Certification
One Trust Certified - DSARs, Consent Management, Assessment Automation, 03rd Party Risk, Data Discovery
Timeline
One Trust Certified - DSARs, Consent Management, Assessment Automation, 03rd Party Risk, Data Discovery
01-2024
Machine Learning – Data Classification
01-2024
CIPP/E
01-2024
Microsoft Certified: Information Protection Administrator Associate (SC-400)
01-2024
ISO27701: 2019 PIMS Lead Implementer
01-2023
Manager
Deloitte Touche Tohmatsu
04.2022 - Current
Deputy Manager
HCL Technologies Ltd.
12.2020 - 04.2022
Supervising Associate
Ernst & Young (EY)
02.2017 - 12.2020
Sr. Financial Analyst
American Express
03.2013 - 06.2016
GWIM - Senior Financial Analyst
Bank of America
01.2012 - 02.2013
MBA - FINANCE
Sikkim Manipal University
01.2012 - 01.2014
B. Com Programme - undefined
Hansraj College
01.2008 - 01.2011
Class XII - Commerce
A.S.N School