Privacy & Responsible Information Mgmt Compliance Lead- C13

Serves as a Privacy and Responsible Information Management Compliance Risk Officer for Independent Compliance Risk Management (PRIM ICRM) including records management, responsible for establishing internal strategies, policies, procedures, processes, and programs to prevent violations of law, rule, or regulation and design and deliver a risk management framework that maintains risk levels within the firm's risk appetite and protect the franchise. In addition, engages with the ICRM product and function coverage teams, to partner to develop and apply CRM program solutions that meet business and customer needs in a manner consistent with the PRIM ICRM and Citi program framework.  

Key Activities include:

• Support targeted assessments and execute assigned controls/GPMPs (annual sampling, policy to tool analysis, risk profile reviews)

• Develop effective governance and oversight activities.

• Create, maintain, and distribute materials for 1LOD socialization (training, guidance, and other awareness documents).

• Maintain published Policy Directory documents, input on OPRIM related standards/procedures, and desktop guidelines.

• Facilitate monthly meetings, training, and informational sessions.

• Review/analysis of related metrics, assessment questions and document recommendations/challenges

• Primary point of contact for privacy related tools for support and user feedback. (Privacy Impact Assessment, Privacy Notice Inventory, Record of Processing Activities)

• Work with various groups to support OPRIM risks and efficiency efforts. (ex. NOVA(Risk), Data Enablement, etc.)

• Partner with stakeholders to achieve target operating model and execute transition activities.

• Support OPRIM T projects and execute on assigned milestones as needed e.g. Operational Excellence pilla

• Participate in Data Enablement efforts.

• Participate from second line of defense perspective by credibly challenging the development of business requirements for privacy tools

• Credibly challenge relevant changes to privacy and information tools and supporting materials  to comply with regulatory requirements, including consultations with Data Protection Officers and Legal partners.

• Other tasks as assigned:

• Maintain relevant directories (ex. OPRIM, IBPO List)

• Designated/secondary owner for SharePoint, Teams, and Distribution lists.

• Related records management activities.

• Providing credible challenge of existing control environment across businesses and functions aligned with relevant privacy and records laws.

• Partnering, collaborating and working with other areas within Citi, as necessary.

• Keeping abreast of regulatory changes, new regulations and internal policy changes in order to further identify new key risk areas.

• New team member onboarding.

• Additional duties as assigned.

As a successful candidate, you’d ideally have the following skills and exposure:

• Expertise of Compliance risks and typologies

• Good understanding of data privacy and records laws and regulations including GDPR, CCPA, GLBA, etc.

• Strong analytical skills to assess privacy and records risks and to develop mitigation strategies

• Advanced Microsoft Office skills, including Excel, PowerPoint, and Word

• Knowledge of financial services  products, offerings  and services and horizontal programs such as cross border data, data sharing and data localization

• Must be a self-starter, flexible, innovative and adaptive

• Highly motivated, strong attention to detail, team oriented, organized

• Strong presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging

• Ability to work collaboratively with regional and global partners in other functional units; ability to navigate a complex organization; to influence and lead people across cultures at a senior level

• 6-10 years compliance, risk, privacy or records experience

• Bachelor’s degree; experience in compliance, legal or other control-related function in the financial services firm, regulatory organization, or legal/consulting firm, or a combination thereof; Advanced degree preferred and/or relevant certifications

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Most Relevant Skills

------------------------------------------------------

Other Relevant Skills

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.