Compliance Manager

Description

Are you passionate about data privacy and eager to launch or continue your career in risk management? We are seeking a Privacy Risk Professional to enhance our enterprise privacy and compliance efforts to support Citizens’ customer-centric and innovation-minded growth. In this role, you’ll help identify, assess, and manage privacy risks across Business Lines as well as valuable exposure to financial institution laws, regulations, and operations, cybersecurity, and data protection practices.

As a Privacy Manager, you will execute the Privacy Office strategy for compliance with Citizens policies as well as existing and new laws and regulations. You’ll play a key role in implementing Privacy by Design (PbD) practices across the organization. This role requires a data-centric mindset and strong technical skills, as you will be expected to develop and analyze metrics, build metrics reports and metrics dashboards, and support data-driven decision-making across privacy initiatives. In addition, a fun sense of humor will be highly appreciated! 

Primary responsibilities include:

• Partner with Business Lines/Divisions to ensure timely identification, mitigation, resolution, and escalation of existing and emerging privacy risks
• Work independently and collaboratively with risk partners, business stakeholders, and third-party vendor management teams to perform privacy vendor assessments
• Implement Privacy by Design (PbD) practices across the organization to support identification and remediation of privacy risk
• Execute cross-functional, bank-wide strategies for compliance with all applicable Citizens policies, existing and emerging regulations and laws, and future Federal and State laws as they are enacted
• Provide guidance, oversight, and challenge to risk partners and Business Lines/Divisions regarding privacy-related risks
• Collaborate with risk partners and Business Lines/Divisions to assess privacy-related controls to ensure compliance with applicable Citizens policies, laws, rules, and regulations
• Perform independent privacy risk assessments of regulations and laws (e.g., GLBA, GDPR, CCPA, COPPA, TCPA, CAN-SPAM and other regulatory frameworks) to evaluate risks and propose mitigation controls/strategies
• Complete Privacy Impact Assessments on new business initiatives and products to identify potential privacy risks
• Assist in investigating and remediating privacy incidents
• Create, design, monitor, and analyze key risk metrics to identify emerging and potential privacy risks, trends, and issues, and escalate appropriately
• Create, design, monitor, and analyze key performance metrics to measure Privacy Program performance and engagement
• Partner with Second Line of Defense functions to influence improvement in risk culture, privacy risk profile, and control effectiveness
• Support Privacy Office in development, maintenance, and enhancement of the Privacy Program
• Leverage strong skills to manage and analyze privacy-related data, build dashboards, and generate reports that support strategic decision-making

Qualifications

• 2+ years privacy experience
• Working knowledge of privacy-related risks associated with a banking institution as well as experience working in and/or building effective privacy programs
• Experience with identifying and mitigating privacy risks associated with Marketing/Ad Tech experience preferred
• Experience with consent and preference management law, regulations, and business line support preferred 
• Incident Response experience preferred, including experience leading investigations, analysis, and other notification/response activities
• Familiarity with reading, interpreting, and applying privacy policies, procedures, regulations, and laws to the subject scenario
• Strong legal research skills preferred
• Detail-Oriented: Careful and thorough in handling privacy-related data and documentation
• Excellent Communicator: Able to translate complex privacy terms, principles, policies, laws, and regulations into understandable concepts and clear, actionable tasks
• Collaborative Team Player: Works well with diverse teams; open to feedback; incorporates feedback into next steps
• Independent Worker: Self-starter; does not need constant managerial oversight; can initiate and complete appropriate (prioritized) tasks without regular colleague prompting 
• Critical Thinker: Enjoys solving problems and assessing risk logically; able to quickly identify privacy issues, think through, and clearly articulate solution options
• Technically proficient in Microsoft Excel, including pivot tables, VLOOKUP, advanced formulas, and data visualization tools preferred; proficiency with technologies such as OneTrust, Tableau, Python, Gen AI, SQL and other privacy enabling and reporting technologies preferred
• Data-Centric: Comfortable working with large datasets and using data to drive insights and decisions
• Proficiency working with Microsoft Office suite products required

Education, Certifications and/or Other Professional Credentials

• Bachelor’s degree required
• IAPP certification strongly preferred
• CISSP/CISA certification welcomed
• AWS Cloud Practitioner certification welcomed 
• Artificial Intelligence governance certification welcomed 

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.