Data Privacy Group Manager - SVP

Discover your future at Citi

Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Job Overview

The Data Privacy Group Manager is responsible for providing governance and oversight, operational risk management and controls leadership at an enterprise level for activities associated with Privacy risk management.  This governance role sits in the IMPaCT:Privacy Office Information Management, Privacy and Cross-border Transfer: Privacy Office (IMPaCT: Privacy Office), and will primarily have responsibility for owning/managing Privacy Standards owned by the first Line of Defence (1LOD), monitoring business/function compliance with the Citi Global Privacy Policy, identification and management of operational risks associated with Privacy, and working across the enterprise to ensure that effective controls and monitoring are in place to reduce risk.

What you’ll do

• Support the setting of enterprise-wide data privacy obligations through managing and maintaining IMPaCT:Privacy Office-owned privacy Standards in line with the Citi Policy Governance Policy, related Standard, and Procedure

• Provide input to the design, publication, and maintenance of enterprise controls for data privacy

• Support management reporting cycles and key indicator development

• Preparation of clear, accurate and timely reports and escalations on privacy and data protection risks, risk mitigation measures and compliance activities 

• Assess, evaluate, and validate controls through processes and tools such as the MCA and KRIs as appropriate for data privacy risk

• Support the delivery of privacy tools, training, templates, and other resources to be leveraged by the business to support data privacy compliance across the enterprise 

• Support Process Owner related responsibilities for IMPaCT:Privacy Office owned Business Processes

• Support the investigation and remediation of privacy incidents where required

• Responsible for the direction, coordination, implementation, execution, control and completion of program / project and associated dependencies

• Influences and negotiates with senior leaders (across functions); may communicate and coordinate with external parties i.e., third party vendors

• Support periodic reviews of Business and Function data privacy processes and controls, and validate changes as a result of such reviews

• Track and review deviations and risk acceptances when raised and at the time of renewal to assess the need for deviations and ascertain that the business has implemented and documented effective compensating controls

• Follow Escalation Policy and procedures to ensure effective escalation and socialization of material risk events and issues across businesses for any data privacy related items

• Track Issue and CAP status and progress for data privacy related items and proactively escalate as appropriate

• Support IMPaCT:Privacy Office owned Issues and CAPs from planning, to remediation, to closure

• Support the Business and Functions on reviews and audits related to Data Privacy.  Support the business on reviewing and responding to findings by reviewers

• Coordinate and support the Business in the implementation of global, regional and local Data Privacy, regulatory and risk and control projects

• Ensure high quality execution for Data Privacy programs for any Citi initiated programs, in coordination with Global Risk and Control and In Business Regulatory Engagement Head

• Leads and directs a team of professionals, including management of people, to include performance evaluation, compensation, hiring, disciplinary actions/terminations and budget approval

What we’ll need from you

• Relevant experience in Risk and Control field

• Prior experience of ownership/management of controlled documentation e.g. Policies, Standards, Procedures is desirable

• Proactivity in problem-solving and information gathering to define frameworks, processes and procedures to effectively manage privacy risk

• Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls.  Additionally, familiarity with privacy related technology considerations such as cookies, mobile devices, biometric and geolocation data is desired

• Sound judgement with the ability to take a leadership position on Data Privacy issues

• Strong business analysis competency in shaping opportunities via conceptual thinking and abstract problem-solving capabilities

• Communicates effectively, develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences; able to drive consensus, and influence relationships at all levels

• Collaborates effectively by building partnerships and working well with others to meet shared objectives

• Strong negotiation, influencing and stakeholder management skills across a variety of stakeholders at different levels

• Optimizes work processes by balancing effective / efficient processes with a focus on continuous improvement. Demonstrates ability to balance between understanding the “big picture” while paying close attention to detail

• Up-to-date understanding of key data privacy risk and control concepts, tools and trends 

• Proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint), and SharePoint

• Organizational savvy; understands systems, management processes, knows where to go for information and how to interpret it

Education

Bachelor's/University degree, Master's degree preferred 

------------------------------------------------------

Job Family Group:

Data Governance

------------------------------------------------------

Job Family:

Data Privacy

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Most Relevant Skills

Constructive Debate, Data Governance, Data Management, Internal Controls, Laws and Regulations, Management Reporting, Policy and Procedure, Program Management, Regulatory Management, Risk Controls and Monitors.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.