Data Privacy Lead Analyst - C13 - TAMPA (Hybrid)

$103,920 - $155,880/Yr

Citigroup - Tampa, FL

posted about 2 months ago

Full-time - Senior
Tampa, FL
Credit Intermediation and Related Activities

About the position

The Data Privacy Lead Analyst is responsible for facilitating and executing the day-to-day activities that support governance and oversight, operational risk management, and controls leadership across the respective business. This individual plays a crucial role in supporting privacy-related capabilities and requirements, ensuring compliance with the Citi Global Privacy Policy, and identifying and managing operational risks associated with privacy. The analyst will work collaboratively across the business to ensure that effective controls and monitoring are in place to mitigate risks associated with data privacy. In this role, the analyst will engage in the assessment of privacy impact processes and controls required for all initiatives, new products, and services. They will assess, evaluate, and validate controls through processes and tools such as the MCA (Management Control Assessment) and KRIs (Key Risk Indicators) as appropriate for data privacy risk. The analyst will support the business and functions during reviews and audits on data privacy, assisting in reviewing and responding to findings by reviewers. Additionally, they will manage day-to-day activities that support the implementation of global policy requirements and regional standards, as well as assess legal and regulatory requirements in collaboration with Country Legal and Compliance. The analyst will coordinate periodic reviews of the business's data privacy processes and controls, validating changes resulting from such reviews. They will track and review deviations and risk acceptances, assessing the need for deviations and ensuring that the business has implemented and documented effective compensating controls. Following the escalation policy and procedures, the analyst will ensure effective escalation and socialization of material risk events and issues across businesses for any data privacy-related items. They will assist the business in creating Issues/CAPs (Corrective Action Plans) related to data privacy as needed, tracking and escalating as necessary. Moreover, the analyst will provide input and review completed data privacy CAPs in the tracking system prior to validation by other control and assessment functions such as Internal Audit and ORM (Operational Risk Management). They will coordinate and support the business in implementing global, regional, and local data privacy, regulatory, and risk and control projects, ensuring high-quality execution for data privacy programs for any Citi-initiated programs, in coordination with Global Risk and Control and the In-Business Regulatory Engagement Head. Finally, the analyst will develop and implement training on risk and control concepts, processes, tools, and their effects.

Responsibilities

  • Engages in assessment of Privacy impact processes and controls required for all initiatives, new products and services.
  • Assess, evaluate, and validate controls through processes and tools such as the MCA and KRIs as appropriate for data privacy risk.
  • Support the Business and Functions on reviews and audits on Data Privacy.
  • Manage day to day activities that support implementation of global policy requirements and regional standards.
  • Coordinate periodic reviews of the Business's data privacy processes and control and validate changes as a result of such reviews.
  • Track and review deviations and risk acceptances when raised and at the time of renewal.
  • Follow Escalation Policy and procedures to ensure effective escalation and socialization of material risk events and issues across businesses for any data privacy related items.
  • Assist business in creation of Issues/CAPs related to data privacy as needed.
  • Provide input and review of completed data privacy CAPs in the tracking system prior to validation by other control and assessment functions such as Internal Audit and ORM.
  • Coordinate and support the Business in the implementation of global, regional and local Data Privacy, regulatory and risk and control projects.
  • Ensure high quality execution for Data Privacy programs for any Citi initiated programs, in coordination with Global Risk and Control and the In Business Regulatory Engagement Head.
  • Develop and implement training on risk and control concepts, processes, tools, and on effect.

Requirements

  • 6-10 years of relevant experience.
  • Demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management experience or minimum two years in an Internal Audit, Risk Management, or Control Management related role.
  • Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls.
  • Familiarity with privacy related technology considerations such as cookies, mobile devices, biometric and geolocation data is desired.
  • Risk-based thinking and analytical mindset.
  • Ability to lead and drive controls across the products and functions irrespective of reporting lines.
  • Communicates effectively, develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences.
  • Collaborates effectively by building partnerships and working well with others to meet shared objectives.
  • Up-to-date understanding of key data privacy risk and control concepts, tools and trends.
  • Experience in managing and implementing successful projects.
  • Proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint).

Nice-to-haves

  • Privacy certification is preferred but not required.

Benefits

  • Disability insurance
  • Health insurance
  • Dental insurance
  • 401(k)
  • Paid time off
  • Vision insurance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service