Citizens
Privacy Director
Citizens, Westwood, Massachusetts, us, 02090
The Privacy Director will lead the Privacy Office, driving the strategy for compliance with existing and new laws and regulations. Leading a team of privacy professionals and developing cross-functional business relationships, the Privacy Director will foster an open and honest risk management and compliance culture within Citizens. This includes setting strategy for compliance, providing oversight of the Privacy Program, guidance to all Citizens Business Lines/Divisions, and supporting response efforts related to privacy incidents. The Privacy Director will lead various operational functions of the Privacy Program by identifying, evaluating, aggregating, and managing privacy-related risks, developing privacy-related standards, policies, procedures, and providing privacy guidance on all privacy-related concerns across the bank.Job Duties:
Lead the cross-functional, bank-wide strategy for compliance with applicable existing and emerging Federal and State regulations and laws.Influence the organizational culture related to managing privacy, identity theft, and data protection risks.Collaborate with Business Lines/Divisions to assess privacy-related controls to ensure compliance with applicable laws, rules, and regulations. Partner with the Office of Fair & Responsible Banking and Corporate Security to assess potential areas of harm.Lead privacy incident investigation, analysis, and response activities for all privacy issues reported to the Privacy Office.Perform independent privacy risk assessments of regulations and laws (e.g., GLBA, GDPR, CCPA, TCPA and other frameworks and guidance) to evaluate risks and propose mitigation controls/strategies.Analyze new business initiatives and products to identify potential privacy risks, ensuring Privacy by Design approaches are implemented.Evaluate vendor contracts and services for inclusion of appropriate privacy and data protection provisions.Develop, monitor, and analyze key risk metrics to identify emerging and potential privacy risks, trends, and issues, and escalate appropriately.Support the Chief Privacy Officer in the development, maintenance, and enhancement of the Privacy Program, as well as regulatory notifications and Board of Director communications.Partner with Business Lines/Divisions to ensure timely identification, mitigation, resolution, and escalation of existing and emerging privacy risks and issues.Required Skills/Experience:
8+ years of risk management experience from working in the financial services industry.8+ years of Privacy, Compliance, or Risk experience.Strong working knowledge of privacy-related risks associated with a banking institution as well as experience working in and/or building effective privacy programs.Working knowledge of Artificial Intelligence and associated privacy risks.Incident Response experience preferred including experience leading investigations, analysis, and other notification/response activities.Organizational experience managing large and complex projects and ability to interact with senior management and within a matrixed environment.Deep understanding of banking products and operations; regulatory requirements; and key processes, controls, and exposure areas.Proven leadership and management skills in a professional environment.Education, Certifications:
Bachelor’s degree in a relevant field required; Advanced degree preferred (e.g., Masters/MBA/JD).Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP), or other comparable certifications preferred.Hours and Work Schedule:
Hybrid - 3 days in the office, 2 working from homeLocation:
Boston MA or Johnston RI OfficeWork Schedule:
Monday-Friday
#J-18808-Ljbffr
Lead the cross-functional, bank-wide strategy for compliance with applicable existing and emerging Federal and State regulations and laws.Influence the organizational culture related to managing privacy, identity theft, and data protection risks.Collaborate with Business Lines/Divisions to assess privacy-related controls to ensure compliance with applicable laws, rules, and regulations. Partner with the Office of Fair & Responsible Banking and Corporate Security to assess potential areas of harm.Lead privacy incident investigation, analysis, and response activities for all privacy issues reported to the Privacy Office.Perform independent privacy risk assessments of regulations and laws (e.g., GLBA, GDPR, CCPA, TCPA and other frameworks and guidance) to evaluate risks and propose mitigation controls/strategies.Analyze new business initiatives and products to identify potential privacy risks, ensuring Privacy by Design approaches are implemented.Evaluate vendor contracts and services for inclusion of appropriate privacy and data protection provisions.Develop, monitor, and analyze key risk metrics to identify emerging and potential privacy risks, trends, and issues, and escalate appropriately.Support the Chief Privacy Officer in the development, maintenance, and enhancement of the Privacy Program, as well as regulatory notifications and Board of Director communications.Partner with Business Lines/Divisions to ensure timely identification, mitigation, resolution, and escalation of existing and emerging privacy risks and issues.Required Skills/Experience:
8+ years of risk management experience from working in the financial services industry.8+ years of Privacy, Compliance, or Risk experience.Strong working knowledge of privacy-related risks associated with a banking institution as well as experience working in and/or building effective privacy programs.Working knowledge of Artificial Intelligence and associated privacy risks.Incident Response experience preferred including experience leading investigations, analysis, and other notification/response activities.Organizational experience managing large and complex projects and ability to interact with senior management and within a matrixed environment.Deep understanding of banking products and operations; regulatory requirements; and key processes, controls, and exposure areas.Proven leadership and management skills in a professional environment.Education, Certifications:
Bachelor’s degree in a relevant field required; Advanced degree preferred (e.g., Masters/MBA/JD).Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP), or other comparable certifications preferred.Hours and Work Schedule:
Hybrid - 3 days in the office, 2 working from homeLocation:
Boston MA or Johnston RI OfficeWork Schedule:
Monday-Friday
#J-18808-Ljbffr