Engages in assessment of Privacy impact processes and controls required for all initiatives, new products and services
Assess, evaluate, and validate controls through processes and tools such as the MCA and KRIs as appropriate for data privacy risk
Support the Business and Functions on reviews and audits on Data Privacy. Support the business on reviewing and responding to findings by reviewers.
Manage day to day activities that support implementation of global policy requirements and regional standards, and on the assessment of the legal and regulatory requirements with Country Legal and Compliance as well as the development of local procedures as relate to Data Privacy
Coordinate periodic reviews of the Business’s data privacy processes and control and validate changes as a result of such reviews
Track and review deviations and risk acceptances when raised and at the time of renewal to assess the need for deviations and ascertain that the business has implemented and documented effective compensating controls
Follow Escalation Policy and procedures to ensure effective escalation and socialization of material risk events and issues across businesses for any data privacy related items
Assist business in creation of Issues/CAPs related to data privacy as needed (issues and CAPs owned by Product/Region business owner). Track and escalate as necessary
Provide input and review of completed data privacy CAPs in the tracking system prior to validation by other control and assessment functions such as Internal Audit and ORM
Coordinate and support the Business in the implementation of global, regional and local Data Privacy, regulatory and risk and control projects
Ensure high quality execution for Data Privacy programs for any Citi initiated programs, in coordination with Global Risk and Control and the In Business Regulatory Engagement Head
Develop and implement training on risk and control concepts, processes, tools, and on effect
Qualifications:
6-10 years of relevant experience
Demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management experience or minimum two years in an Internal Audit, Risk Management, or Control Management related role
Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls. Additionally, familiarity with privacy related technology considerations such as cookies, mobile devices, biometric and geolocation data is desired
Risk-based thinking and analytical mindset
Ability to lead and drive controls across the products and functions irrespective of reporting lines
Communicates effectively, develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences; able to drive consensus, and influence relationships at all levels
Collaborates effectively by building partnerships and working well with others to meet shared objectives
Up-to-date understanding of key data privacy risk and control concepts, tools and trends
Experience in managing and implementing successful projects
Proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint)
Education
Bachelor's/University degree, Master's degree preferred; Privacy certification is preferred but not required
Data GovernanceFull timeTampa Florida United States$103,920.00 - $155,880.00