Data Privacy Compliance and Operational Risk Manager

Charlotte, North Carolina

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries.

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Privacy Compliance and Operational Risk is looking for an experienced privacy professional to join as a Compliance and Operational Risk Manager.

Reporting to the Global Chief Privacy Officer, this position serves in a senior individual contributor role with responsibility for the execution of the Global Compliance and Operational Risk Program focused primarily on coverage of privacy risks inherent in the collection, use and sharing of personal information and international data transfers.

The position requires a wide breadth of privacy knowledge and working closely with cross-functional teams in legal/ risk/ compliance to advise and oversee the business on data privacy risks.

Responsibilities include but are not limited to the following activities:
• Drive privacy compliance and operational risk strategy and priorities related to overseeing compliance with data privacy laws, rules and regulations and adherence to the company’s policies that ensure the privacy of customer and employee information.
• Collaborating across the Enterprise Privacy team, lead in the development and implementation of monitoring and testing coverage plans, privacy risk assessments, business process assessments, and privacy reviews for third parties handling personal information.
• Overseeing key regulatory activities.
• Evaluating business line initiatives and processes from a privacy risk perspective.
• Collaborating across Enterprise Privacy and leadership to provide strategic guidance on emerging privacy trends and requirements

Required and Desired Skills:

• Minimum 7 years of risk management or other relevant experience with a minimum of 5 years of direct experience in Privacy including implementing and overseeing global privacy law, rules, regulations
• Degree Required: Bachelor’s Degree or Equivalent experience
• CIPP, CIPM, CIPT or other relevant certification preferred
• Ability to build relationships internally and externally
• Ability to think strategically
• Excellent written and oral communication skills
• A self-motivated, hands-on, driven individual
• In-depth knowledge of or certification in law, rule, regulation or area of coverage (i.e., SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Full time

JR-21053073

Band: H4

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

James Henry

Referral Bonus:

0

Street Address

Primary Location:
100 N TRYON ST, NC, Charlotte, 28255