girl looking into her desktop
Back to search results

Privacy EAC Compliance & Ops Risk Manager

Charlotte, North Carolina;

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Privacy Compliance and Operational Risk is looking for an experienced privacy professional to join as a Compliance and Operational Risk Manager. This position serves in an individual contributor role with responsibility for the execution of the Global Compliance and Operational Risk Program focused primarily on coverage of Global privacy risks and other business initiatives as needed.


The position will work closely with cross-functional teams in legal/ risk/ compliance to advise and oversee the business on data privacy risks.

Responsibilities include but are not limited to the following activities:
•Drive privacy compliance and operational risk strategy and priorities related to overseeing compliance with data privacy laws, rules and regulations and adherence to the company’s policies that ensure the privacy of customer and employee information.
•Collaborating across the Enterprise Privacy team, lead in the development and implementation of monitoring and testing coverage plans, privacy risk assessments, business process assessments, and privacy reviews for third parties handling personal information.
•Overseeing key regulatory activities.
•Evaluating business line initiatives and processes from a privacy risk perspective.
•Collaborating with Enterprise Privacy and leadership to provide strategic guidance on emerging privacy trends and requirements

Minimum 7 years of relevant experience with a minimum of 4 years of direct experience in Risk Management or Privacy. Experience implementing and overseeing global privacy law, rules, regulations is preferred.


Degree Required: Bachelor’s Degree or Equivalent experience


•CIPP or other relevant certification preferred
•Ability to build relationships internally and externally
•Ability to think strategically
•Excellent written and oral communication skills
•A Self-motivated, hands-on, driven individual

Desired Skills:
In depth knowledge of or certification in law, rule, regulation or area of coverage (i.e.: SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The EAC C&OR Manager assists in engaging other C&OR officers, including horizontal coverage owners and EAC, to provide comprehensive oversight of FLU/CF activities. This role assists in developing and maintaining a global coverage plan which defines the scope and risk-based focus of the second line’s risk management activities. The EAC C&OR Manager also assists in preparing materials for C&OR regulatory exams/audits/inquiries and may assist with preparation for FLU/CF regulatory exams/audits/inquiries

Activities this role performs for their area of coverage include, but are not limited to:

• Produces and/or oversees the development of independent risk management reporting as input into governance and management routines
• Contributes to participation in industry forums and monitors regulatory expectations, emerging legislation and regulation, political scrutiny, litigation and key influencers (trade associations, PACs, lobbyists, consumer groups, and media) in the EAC subject area to identify and mitigate emerging risks
• Identifies regulatory training needs and provides subject matter expertise to support the development of training curriculum
• Develops and maintains C&OR-owned policies/standards and reviews relevant FLU/CF-owned policies and standards to ensure regulatory and operational risk requirements are appropriately addressed, inclusive of conduct risk as applicable
• Monitors the regulatory environment to identify regulatory changes applicable to area(s) of coverage, advises business leaders on those changes, directs the appropriate areas to implement or amend policies, standards, procedures and/or processes to address regulatory requirements, and challenges the implementation plan as needed; maintains a comprehensive regulatory inventory
• Identifies, aggregates, reports, escalates, inspects and challenges remediation plans, and performs thematic analysis on FLU/CF-owned issues and control enhancements
• Ensures C&OR “owned” issues and control enhancements are identified and addressed appropriately and timely
• Contributes to or leads development of risk coverage plans, executes and / or oversees execution of monitoring, testing and risk assessments, and communicates results
• Reviews and challenges the FLU/CF process, risk, control (PRC) inventory and FLU/CF Risk & Control Self-Assessment (RCSA) related to EAC themes or trends
• Reviews and challenges internal and external operational loss events, including development of remediation plans to strengthen controls, and approves where appropriate
• Participates in Scenario Analysis activities for coverage areas and challenges as appropriate
• Ensures metrics are designed to measure key risks and control performance, monitors and reports on metric performance and breach remediation

Enterprise Privacy Compliance and Operational Risk is looking for an experienced privacy professional to join as a Compliance and Operational Risk Manager. This position serves in an individual contributor role with responsibility for the execution of the Global Compliance and Operational Risk Program focused primarily on coverage of Global privacy risks and other business initiatives as needed.


The position will work closely with cross-functional teams in legal/ risk/ compliance to advise and oversee the business on data privacy risks.

Responsibilities include but are not limited to the following activities:
•Drive privacy compliance and operational risk strategy and priorities related to overseeing compliance with data privacy laws, rules and regulations and adherence to the company’s policies that ensure the privacy of customer and employee information.
•Collaborating across the Enterprise Privacy team, lead in the development and implementation of monitoring and testing coverage plans, privacy risk assessments, business process assessments, and privacy reviews for third parties handling personal information.
•Overseeing key regulatory activities.
•Evaluating business line initiatives and processes from a privacy risk perspective.
•Collaborating with Enterprise Privacy and leadership to provide strategic guidance on emerging privacy trends and requirements

Minimum 7 years of relevant experience with a minimum of 4 years of direct experience in Risk Management or Privacy. Experience implementing and overseeing global privacy law, rules, regulations is preferred.


Degree Required: Bachelor’s Degree or Equivalent experience


•CIPP or other relevant certification preferred
•Ability to build relationships internally and externally
•Ability to think strategically
•Excellent written and oral communication skills
•A Self-motivated, hands-on, driven individual

Desired Skills:
In depth knowledge of or certification in law, rule, regulation or area of coverage (i.e.: SCRA, Privacy); Desired: Association of Privacy Professional (IAPP) accredited certification programs for Privacy EAC

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21072097

Band: H4

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

James Henry

Referral Bonus:

0