Rahul Kaushik - AIGP, FIP, CIPP/e, CIPM, ISO 27001, 27701, 22301

Dubai, United Arab Emirates

Summary

Seasoned Cybersecurity, Data Privacy, and AI Governance Professional with over 14 years of experience leading end-to-end data protection, privacy, and GRC programs across multinational organizations in the financial, telecom, and critical infrastructure sectors. Proven track record in developing and operationalizing governance frameworks, conducting cybersecurity and privacy risk assessments, managing regulatory compliance (GDPR, PDPL, ISO 27001, NIST CSF), and aligning cybersecurity initiatives with business strategy. Experienced in evaluating emerging risks in AI systems and establishing responsible AI governance frameworks to ensure ethical, secure, and compliant AI adoption. Adept at engaging senior stakeholders, managing cross-border regulatory requirements (GCC, APAC, EU), and fostering a culture of compliance, digital trust, and cyber resilience.

Overview

15 years of professional experience
5 years of post-secondary education
1 Certification

Work history

Assistant Manager - Privacy, Cybersecurity & GRC

KPMG Lower Gulf Ltd.
Dubai, UAE
08.2021 - 04.2025
  • Designed and operationalized enterprise-wide privacy and information security governance frameworks in alignment with GDPR, KSA PDPL, and NIST CSF.
  • Led data privacy and cybersecurity GRC programs for major financial institutions across the GCC, aligning with regional and global frameworks.
  • Reviewed and analyzed leading cybersecurity and risk management frameworks, including ISO/IEC 27001, SAMA CSF, NIST RMF, and the NISF Cybersecurity Framework, to design a unified compliance framework and conduct comprehensive assessments across multiple regulatory environments.
  • Led ISO/IEC 27001 readiness and implementation projects for multiple regional clients, including control gap assessments and internal audits.
  • Managed third-party risk assessments, performed vendor security and privacy reviews, and supported remediation planning.
  • Conducted DPIAs, LIAs, and TIAs for multinational financial and defense clients, ensuring regulatory alignment and risk mitigation.
  • Developed data protection policies, procedures, and training programs, promoting awareness and compliance across business functions.
  • Collaborated with CISOs, legal, and IT security teams to establish risk registers and implement continuous monitoring processes.
  • Managed data localization initiatives for top-tier banks in the UAE, coordinating with regulators and delivering maturity improvement plans.
  • Automated compliance activities through tooling and dashboards, enhancing visibility on both privacy and cybersecurity KPIs.
  • Advised cross-functional teams on GCC regulatory developments and assisted in tailoring controls to regional legal obligations.

Data Protection & Compliance Professional

British Telecom Pvt Ltd.
11.2020 - 08.2021
  • Responsible for managing BT's privacy compliance for the India and EU regions.
  • Worked extensively with the DPO office to review Data Processing Agreements (DPAs) and handle Data Subject Requests (DSRs) and website cookie compliance.
  • Conducted third-party due diligence in line with privacy obligations.
  • Worked in the DPO office to lead the bank's compliance strategy with GDPR, ensuring protection of client and employee data across all branches.
  • Led numerous Privacy by Design (PbD) assessments to facilitate compliance with various GDPR principles.
  • Conducted Data Protection Impact Assessments (DPIAs) for new and existing banking services to evaluate risks associated with personal data processing.
  • Monitored, researched, compared and analyzed existing, proposed, and new data protection and privacy laws, regulations, and policies globally with respect to their present and future impact upon company operations.
  • Conducted gap assessments of targeted vendors to assess their compliance with group security policies.
  • Reported key findings and gaps to senior stakeholders for review and sign-off.
  • Reviewed vendor policies and procedures for alignment with group security requirements.
  • Conducted multiple tailor-made workshops for senior stakeholders, privacy champions, etc.

Manager - Cyber and Privacy Risk

Barclays Global Service Centre Pvt Ltd.
Delhi, India
05.2015 - 11.2020
  • Led GDPR compliance efforts across APAC operations, conducting DPIAs, vendor due diligence, and internal audits.
  • Supported ISO/IEC 27001 certification maintenance and facilitated control testing aligned with internal standards.
  • Managed the third-party governance process, reviewing vendor policies and mapping security controls to group requirements.
  • Partnered with legal and information security teams to respond to internal audits and regulatory inquiries.
  • Led GDPR and cybersecurity compliance initiatives in collaboration with Barclays' DPO and Group Security teams.
  • Performed Privacy by Design assessments, DPIAs, and third-party GRC reviews for banking products and services.

Operational Compliance Executive

Marriott International and Oberoi Group
07.2010 - 04.2015
  • Responsible for day-to-day compliance and vendor governance activities.
  • Conducted gap assessments of targeted vendors to assess their compliance with group security policies.
  • Reported key findings and gaps to senior stakeholders for review and sign-off.
  • Reviewed vendor policies and procedures for alignment with group security requirements.

Education

Bachelor of Science (B.Sc.) -

IHM Jaipur
07.2007 - 06.2010

MBA - IT and Cybersecurity

Institute of Management Technology (IMT)
07.2019 - 03.2021

Skills

  • Regulatory Liaison & Reporting
  • Cybersecurity Governance & Risk Management
  • ISO/IEC 27001 Implementation & Audits
  • Third-Party Risk Management & Due Diligence
  • Data Protection Impact Assessments
  • Records of Processing Activities
  • Data Breach Management
  • Security & Privacy Audits
  • Privacy Maturity & Gap Assessment
  • Privacy by Design Assessments Policies & Procedures
  • Design Privacy controls frameworks
  • Training & Awareness
  • Risk Identification & Mitigation
  • Data Governance
  • GRC Tool Implementation & Management
  • Project Management
  • Stakeholder Management

Certification

  • Artificial Intelligence Governance Professional (AIGP), International Association of Privacy Professionals. This certificate helps to provide guidance for establishing, implementing, and managing responsible AI governance frameworks, enabling organizations to align AI use with ethical principles, regulatory expectations, and risk management best practices.
  • Fellow of Information Privacy (FIP), International Association of Privacy Professionals. Highest credential awarded by IAPP to individuals who have an advanced knowledge of privacy laws, regulations, and best practices, along with significant experience in the field of data privacy.
  • Certified Privacy Professional Europe (CIPP/E). This certification delivers the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe.
  • Certified Information Privacy Manager (CIPM). This certification focuses on understanding of concepts, frameworks and regulations to hold the role of privacy program manager.
  • ISO 27001 (LA/LI). ISO/IEC 27001 promotes a holistic approach to information security: vetting people, policies and technology.
  • ISO 27701 (LA). This certificate helps to provide guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS).
  • ISO 22301 (LA). This certificate helps to provide guidance for establishing, implementing, maintaining, and continually improving a Business Continuity Management System (BCMS).

Languages

English
Native
Arabic
Beginner

References

References available upon request.
