Job Title: Subject Matter Expert - Data Privacy (10-15 Years- Experience)
This position leads the organizations Privacy compliance program, responsible for both developing and implementing a governance framework of policies and procedures, monitoring, training and awareness programs, and ongoing risk assessment, in partnership with senior leaders in multiple SBUs, in order to
(1) ensure compliance with applicable laws and regulations,
(2) minimize the company's exposure to adverse events,
(3) facilitate effective engagement with appropriate regulatory agencies, and
(4) support a culture of innovation. This position is also responsible for working closely with the Company's third party financial services providers to ensure alignment with the Company's contractual commitments under each program.
Major Responsibilities -
- As a strategic partner to leaders in the organization, responsible for designing and maintaining the Company's Privacy compliance program including all elements prescribed by the global subject matter management system, conducting and directing assessments to identify material risks, implementing monitoring programs, develop action plans for review with cross-functional teams, and provide feedback and recommendations for process controls and program improvements.
- Design programs to established best practices by analyzing business objectives and needs, researching and benchmarking industry best practices and legal requirements. Lead risk assessments to identify gaps and deficiencies, and help to determine remedial action to correct or mitigate risk. Monitor privacy performance metrics and assist in determining whether they indicate a need for corrective actions
- Provide direction and oversight for the Company's Privacy program. Support teams with expert guidance on identification and management of privacy risk
- As a strategic partner to the Company's third-party partners, works to ensure strategic direction and alignment of the Privacy program and acts as an escalation point for compliance issue detection and resolution
- In partnership with counsel where appropriate, articulate corporate positions on compliance matters to regulators and external agencies. Maintain involvement with regulators to ensure compliance with all legal requirements
- Ensure proactive and timely identification, assessment, advice and dissemination of evolving legal and regulatory changes / practices and associated risks on privacy issues
- Foster an environment that drives appropriate privacy risk control behavior, including early anticipation, identification and mitigation of privacy risk, escalate issues in line with the set Operational Risk Framework
- Support regulatory inspections and reviews, represent the organization in interactions with government and all other regulatory bodies on privacy matters.
Qualifications and Experience :
- Bachelor's degree must.
- Detailed understanding of E commerce and Financial Services products and associated Consumer Protection, Privacy and Anti-Money Laundering regulations.
- 10 years of experience in implementing and managing compliance programs of which a minimum of 5 years of experience must be advising on privacy requirements, risks and designing / developing solutions to problems, including employee privacy.