Operational Risk Officer - Privacy
Company: Citi
Location: Garland
Posted on: January 19, 2023
Job Description:
The US Personal Banking (USPB), In-Business Privacy Officer is
responsible for providing governance and oversight, operational
risk management and controls leadership across the USPB Businesses
for all activities associated with Privacy. This candidate will
perform governance and oversight ownership and have responsibility
for Privacy covering all privacy related capabilities and
requirements including compliance with the Citi Global Privacy
Policy, identification and management of operational risks
associated with Privacy and working across the business to ensure
that effective controls and monitoring are in place to reduce risk.
This position will report to the PBWM USPB In Business Privacy
Offer Lead and will support the lead to ensure that the USPB is
compliant with the Global Privacy Policy, Standards, and Procedures
and the applicable laws rules, and regulatory requirements. Key
responsibilities include: Risk Identification, Analysis, and
Management
- Lead the Privacy Impact Assessment (PIA) process and controls
required for all initiatives, new products and services
- Work with Global In-Business Risk Head to identify, quantity,
prioritize, and report key data privacy risks and vulnerabilities
within the Business
- Provide data privacy specialist risk and control advice and
guidance to the product heads and functions
- Assess, evaluate, and validate controls through processes and
tools such as the MCA and KRIs as appropriate for data privacy
risk
- Support the business in reviewing, maintaining, and enhancing
Permanent Control Readiness Standard and Procedures Coordination
- Support the product heads, function heads, COOs and In Business
Risk team on gap analysis and the implementation of global policy
requirements and regional standards, and on the assessment of the
legal and regulatory requirements with Country Legal and Compliance
as well as the development of local procedures as relate to data
privacy.
- Coordinate periodic reviews of the Business's data privacy
processes and control and validate changes as a result of such
reviews.
- Track and review deviations and risk acceptances when raised
and at the time of renewal to assess the need for deviations and
ascertain that the business have implemented and documented
effective compensating controls. Issue Escalation
- Follow Escalation Policy and procedures to ensure effective
escalation and socialization of material risk events and issues
across businesses for any data privacy related items.
- Escalate material risk events and issues appropriately Issue
Management and Corrective Action Plan (CAP) Management,
Coordination and Escalation
- Assist business in creation of Issues/CAPs related to data
privacy as needed (issues and CAPs owned by Product/Region business
owner)
- Track issue and CAP status and progress for data privacy
related items and proactively escalate as appropriate.
- Validate completed data privacy CAPs in the tracking system
prior to validation by other control and assessment functions such
as Internal Audit and ORM. Audits, Franchise Reviews and Regulatory
Examination Management
- Support the Business and Functions on reviews and audits on
data privacy. Support the business on reviewing and responding to
findings issues by reviewers.
- Work with Global In-Business Regulatory head on all reviews and
audits to ensure appropriate preparation, pre-review assessments
and post-review remediation. Risk and Control Project Management
- Coordinate and support the Business in the implementation of
global, regional and local data privacy regulatory, risk and
control projects.
- Ensure high quality execution for data privacy programs for any
Citi initiated programs, in coordination with Global In-Business
Risk Head and In Business Regulatory Risk Head. Training and
Awareness
- Perform training on risk and control concepts, processes,
tools, and on effective issue self-identification and testing.
Customize global and regional training programs to cater for
product specific or local requirements and nuances.
- Create Permanent Control Readiness awareness based upon remit
Skills and Experience Minimum five years in the Financial Services
IndustryDemonstrated Data Privacy, Information Security or Cyber
related risk management experience in a financial services
environment or Minimum two years in an Internal audit, Risk
Management, or Control Management related role.Working knowledge of
Data Privacy Compliance laws, rules, regulations, risks, and
appropriate controls. Additionally, familiarity with privacy
related technology considerations such as cookies, mobile devices
and biometric, geolocation data is desired.Privacy Certification is
preferred but not required.Risk-based thinking and analytical
mindset.Ability to lead and drive controls across the products and
functions irrespective of reporting lines.Ability to develop,
execute and monitor initiative plans.Ability to manage through
influenceAbility to build rapport and work closely with
stakeholders and partners within and outside the businessUp-to-date
understanding of key data privacy risk and control concepts, tools
and trendsExcellent communication skills (written and
verbal)Self-starter who can work independentlyAbility to work on
virtual projects and across virtual teams to get work doneAbility
to multi-task and manage concurrent projects and
deliverablesProficient in the use of basic Microsoft applications
(Word, Excel, PowerPoint)Knowledge of PBWM business and products
preferred - Job Family Group: Risk Management - Job
Family:Operational Risk Time Type: Full time Primary Location:
Jacksonville Florida United States Primary Location Salary Range:
$96,570.00 - $144,850.00 Citi is an equal opportunity and
affirmative action employer.Qualified applicants will receive
consideration without regard to their race, color, religion, sex,
sexual orientation, gender identity, national origin, disability,
or status as a protected veteran.Citigroup Inc. and its
subsidiaries ("Citi") invite all qualified interested applicants to
apply for career opportunities. If you are a person with a
disability and need a reasonable accommodation to use our search
tools and/or apply for a career opportunity review Accessibility at
Citi .View the " EEO is the Law " poster. View the EEO is the Law
Supplement .View the EEO Policy Statement .View the Pay
Transparency Posting - Effective November 1, 2021, Citi requires
that all successful applicants for positions located in the United
States or Puerto Rico be fully vaccinated against COVID-19 as a
condition of employment and provide proof of such vaccination prior
to commencement of employment.
Keywords: Citi, Garland , Operational Risk Officer - Privacy, Other , Garland, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...