Data Privacy & Protection/Information Management Operations Lead C-15 - Director

Chief Data Office - Data Privacy &Protection/Information Management Operations Lead C-15 - Director
The Data Privacy &Protection/Information Management Operations Lead is a senior leadership position in Citi's Chief Data Office (CDO) within the Chief Operating Office (COO) organization. The mandate of COO is to lead the Transformation efforts of the firm to deliver client excellence, improved operating efficiency and returns. As part of COO, the CDO organization is responsible for an enterprise-wide effort to transform and strengthen the firm's data, modernize data infrastructure while simplifying the data operating model and executing the strategic priorities for the firm. The CDO defines and enforces data-related policies and standards across Citi and equips the firm with the tools required to take ownership and accountability for data governance and management. The CDO comprises of four functional groups: Business Aligned Data Leads, Core Data Delivery, Data Enablers, and Data Functions & Partners.
The Data Privacy &Protection/Information Management Operations Lead is responsible for the implementation and ongoing execution of the enterprise Data Privacy and protection risk management program. It is a first line of defense position whose focus of accountability is centered around controls monitoring, risk/issue escalation, and remediation oversight.
This role will routine engage with Business data and process owners as well as second and third line of defense partners to ensure ongoing compliance through effective and efficient controls execution and oversight.
Responsibilities:

• Developing and managing the Data Privacy & Protection Operations team
• Partnering with the Global Head of Data Privacy & Protection to establishing and maintaining the DPP Operations target operating model, including the governance and engagement structure, monitoring practices, success criteria, and key indicators
• Acting as a the Data Privacy & Protection Operations representative in privacy-related forums across Citi
• Promoting Data Privacy and protection awareness and best practices through communication and training advocacy within Citi businesses
• Rationalizing requirements where possible to create standardized, repeatable processes that can be leveraged across multiple jurisdictions
• Supporting initiative owners in conducting Privacy Impact Assessments (PIAs), reviewing new or modified initiatives, identifying privacy impacts, and recommending controls to mitigate any potential privacy risks
• Monitoring the development and execution of privacy Corrective Actions Plans (CAPS) to resolve identified control deficiencies and to achieve process improvement opportunities
• Reporting, identifying and validating metrics to measure compliance, monitor risks and track mitigating actions
• Reviewing Security Incident Response Team incidents (SIRTs) impacting Personally Identifiable Information (PII) and participating in the mitigation and resolution plans including supporting the notification to data subjects
• Advising on and responding to Individual Rights requests (e.g. Data Subject Access Requests) including those that are extra-territorial in nature and escalating any issue or queries to the associated Data Protection Officers
• Participating in the development and maintenance of standards, procedures, and data processing inventories, assessing these periodically and updating them as needed to meet evolving internal and external requirements
• Partnering with Data Governance leaders to develop and manage organization workforce
• Manages diverse teams of managers and/or individual contributors
• Defines and resolves complex problems by looking beyond existing processes
• Requires specialized knowledge of Data Privacy related laws and regulations to provide advice to Business and Operational leadership, Global stakeholders and senior governance forum
• Provides input into the overall strategy for Data Privacy standards. Coordinates with regional and local teams to facilitate management responses during review cycles to ensure adherence to Data Privacy Standards enterprise wide
• Establish and implement process and procedures for governing and adopting Citi Data Privacy policies, in compliance with all relevant regulations and respective business needs
• Influences and negotiates with senior leaders (across functions); may communicate and negotiate with external parties i.e., third party vendors
• Execute and champion a framework for governance of Data Privacy across the organization, including the operating and accountability model including promoting
• Privacy by Design and drive improvements into the mechanics of how teams incorporate compliance and privacy-by-design into operations and product life cycles
• Execute enterprise-wide risk reduction metrics and reporting framework, and/or embed Data Privacy culture throughout the organization and role model the importance of Data Privacy governance across the Enterprise
• Implement practices that comply with data protection and privacy regulations
• Communicate the value of Data Privacy and its impact on the bank's business to stakeholders
• Develop and deliver tools, trainings, templates, and other resources to be leveraged by the business to support Data Privacy compliance across the enterprise
• Review business processes to ensure the best practices are followed around the handling and use of personal information
• Lead execution of operational elements of risk mitigation plans for Impact Assessments
• Provide clear, accurate and timely reporting and escalations on privacy and data protection risks, risk mitigation measures and compliance activities
• Investigation and remediation of privacy incidents

Successful Candidates Will Possess:

• Deep knowledge of Data Privacy, along with an understanding of regulatory, compliance, risk management and financial management concerns including subject matter expertise in Data Privacy laws, rules, regulations, and industry standards
• Experience in large-scale, multi-year transformation and capability building efforts
• Strong conceptual/ practical grounding in Privacy and Risk and Control frameworks and methodologies.
• Strategic mindset, who can plan ahead to future possibilities and translate them into breakthrough strategies
• Communicates effectively, develops, and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences; able to drive consensus, and influence relationships at all levels
• Sound judgement with the ability to take a leadership position on all Data Privacy issues within Citi on all Data Strategy and Transformation related issues
• Can effectively lead change in an organization with Citigroup's size, scale, and complexity; Experience leveraging the processes and principles of change management to drive organizational change, defining change criteria, providing support and education, managing resistance, and measuring outcomes
• Manages through ambiguity by making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems
• Experience in leading cross-functional teams
• Promotes a culture of collaboration and teamwork across organizations; and demonstrates effective work relationships with business and global function colleagues

Basic Qualifications:

• At least 15 years of relevant experience in data governance
• At least 10 years of people leadership experience
• Bachelor's Degree

Preferred Qualifications:

• At least 7 years of Data Privacy experience at a law firm, in-house and/or in the government
• Masters Degree
• Preferred Data Privacy professional qualifications such as CIPP, CIPM, or CIPT

Job Family Group:
Data Governance
Job Family:
Data Privacy
Time Type:
Full time
Primary Location:
Tampa Florida United States
Primary Location Full Time Salary Range:
$170,000.00 - $300,000.00
In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
Anticipated Posting Close Date:
Apr 12, 2024
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting