Citi Group Data Privacy & Protection/Information Management 

United States, Florida, Jacksonville 

205966218

The Data Privacy & Protection/Information Management Operations Lead is a senior leadership position in Citi’s Chief Data Office (CDO) within the Chief Operating Office (COO) organization. The mandate of COO is to lead the Transformation efforts of the firm to deliver client excellence, improved operating efficiency and returns. As part of COO, the CDO organization is responsible for an enterprise-wide effort to transform and strengthen the firm’s data, modernize data infrastructure while simplifying the data operating model and executing the strategic priorities for the firm. The CDO defines and enforces data-related policies and standards across Citi and equips the firm with the tools required to take ownership and accountability for data governance and management. The CDO comprises of four functional groups: Business Aligned Data Leads, Core Data Delivery, Data Enablers, and Data Functions & Partners.

Responsibilities:

• Developing and managing the Data Privacy & Protection Operations team
• Partnering with the Global Head of Data Privacy & Protection to establishing and maintaining the DPP Operations target operating model, including the governance and engagement structure, monitoring practices, success criteria, and key indicators
• Acting as a the Data Privacy & Protection Operations representative in privacy-related forums across Citi
• Promoting data privacy and protection awareness and best practices through communication and training advocacy within Citi businesses
• Rationalizing requirements where possible to create standardized, repeatable processes that can be leveraged across multiple jurisdictions
• Supporting initiative owners in conducting Privacy Impact Assessments (PIAs), reviewing new or modified initiatives, identifying privacy impacts, and recommending controls to mitigate any potential privacy risks
• Monitoring the development and execution of privacy Corrective Actions Plans (CAPS) to resolve identified control deficiencies and to achieve process improvement opportunities
• Reporting, identifying and validating metrics to measure compliance, monitor risks and track mitigating actions
• Reviewing Security Incident Response Team incidents (SIRTs) impacting Personally Identifiable Information (PII) and participating in the mitigation and resolution plans including supporting the notification to data subjects
• Advising on and responding to Individual Rights requests (e.g. Data Subject Access Requests) including those that are extra-territorial in nature and escalating any issue or queries to the associated Data Protection Officers
• Participating in the development and maintenance of standards, procedures, and data processing inventories, assessing these periodically and updating them as needed to meet evolving internal and external requirements
• Partnering with Data Governance leaders to develop and manage organization workforce
• Manages diverse teams of managers and/or individual contributors
• Defines and resolves complex problems by looking beyond existing processes
• Requires specialized knowledge of Data Privacy related laws and regulations to provide advice to Business and Operational leadership, Global stakeholders and senior governance forum
• Provides input into the overall strategy for Data Privacy standards. Coordinates with regional and local teams to facilitate management responses during review cycles to ensure adherence to Data Privacy Standards enterprise wide
• Establish and implement process and procedures for governing and adopting Citi Data Privacy policies, in compliance with all relevant regulations and respective business needs
• Influences and negotiates with senior leaders (across functions); may communicate and negotiate with external parties i.e., third party vendors
• Execute and champion a framework for governance of Data Privacy across the organization, including the operating and accountability model including promoting
• Privacy by Design and drive improvements into the mechanics of how teams incorporate compliance and privacy-by-design into operations and product life cycles
• Execute enterprise-wide risk reduction metrics and reporting framework, and/or embed Data Privacy culture throughout the organization and role model the importance of Data Privacy governance across the Enterprise
• Implement practices that comply with data protection and privacy regulations
• Communicate the value of Data Privacy and its impact on the bank’s business to stakeholders
• Develop and deliver tools, trainings, templates, and other resources to be leveraged by the business to support data privacy compliance across the enterprise
• Review business processes to ensure the best practices are followed around the handling and use of personal information
• Lead execution of operational elements of risk mitigation plans for Impact Assessments
• Provide clear, accurate and timely reporting and escalations on privacy and data protection risks, risk mitigation measures and compliance activities
• Investigation and remediation of privacy incidents

Successful Candidates Will Possess:

• Deep knowledge of data privacy, along with an understanding of regulatory, compliance, risk management and financial management concerns including subject matter expertise in data privacy laws, rules, regulations, and industry standards
• Experience in large-scale, multi-year transformation and capability building efforts
• Strong conceptual/ practical grounding in Privacy and Risk and Control frameworks and methodologies.
• Strategic mindset, who can plan ahead to future possibilities and translate them into breakthrough strategies
• Communicates effectively, develops, and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences; able to drive consensus, and influence relationships at all levels
• Sound judgement with the ability to take a leadership position on all Data Privacy issues within Citi on all Data Strategy and Transformation related issues
• Can effectively lead change in an organization with Citigroup’s size, scale, and complexity; Experience leveraging the processes and principles of change management to drive organizational change, defining change criteria, providing support and education, managing resistance, and measuring outcomes
• Manages through ambiguity by making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems
• Experience in leading cross-functional teams
• Promotes a culture of collaboration and teamwork across organizations; and demonstrates effective work relationships with business and global function colleagues

Basic Qualifications:

• At least 15 years of relevant experience in data governance
• At least 10 years of people leadership experience
• Bachelor's Degree

Preferred Qualifications:

• At least 7 years of data privacy experience at a law firm, in-house and/or in the government
• Masters Degree
• Preferred data privacy professional qualifications such as CIPP, CIPM, or CIPT

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the