Data & Privacy Operations Manager

Job Description

The Data Management and Privacy Operations team is part of a newly formed 1st line centre of excellence under Group COO Trust, Data & Automation. The role will support the respective businesses and functions assigned & work closely with the 2nd line compliance and the Information Cyber Security (ICS) & Risk assurance teams to design, implement & operationalise capabilities for Data Management & Privacy Operations. The role will ensure that these capabilities are operating effectively in BAU to achieve and manage the respective business objectives in this area. The role will also provide timely feedback / data to all stakeholders to meet any key regulatory obligations and key business priorities.The successful candidate will have an opportunity to work in a multi-disciplinary team aimed to design, build and/or operate data, records and privacy controls to mitigate risks. Responsibilities include but are not limited to, data and privacy risk assessments, business process design and assessments, data protection impact assessments, data incident management, awareness and training, verification that proper risk assessments have been completed and up to date for vendors handling personal data, and verify applicable vendor agreements include required privacy and data protection terms according to global policy, client requirements and applicable privacy law.This is a hands-on, individual contributor role, working very closely with the assigned Business & Functions group and with a team of other data management & privacy experts who provide subject matter expertise and advice, tailored to the businesses, regions and functions of the Bank. Responsibilities:

• To support the Risk Squad Product Owner and Business Programme Office in planning costs, effort and approach to remediate the gaps against the uplifted DM Standard
• To support the programme office with understanding the latest view on progress/status of remediation work as it is carried out.
• To liaise with the Business SMEs in understanding requirements for proposed solutions to close control gaps by running/facilitating workshops and feeding the requirements to the DPTP Squads.
• To act as an SME in Data Management - through working with the Global Process Owners (GPOs) to assess applicability of the policy & standards in their respective areas, help design controls and monitoring checks, draft treatment plans and implementation this includes providing challenge to the business on the risk impact to the business in the event controls are not in place.
• To help Businesses and Functions to prepare various templates for privacy and records management requirements.
• Conduct assessments / surveys (e.g. on privacy impact / risk & controls) / data gathering and analysis on applications, products, processes, documentation and third parties to evaluate compliance with laws, regulations, and internal standards
• Drive change and adoption by increasing participation in awareness and relevant trainings.

Governance & Risk Management

• Assist in identifying, assessing, monitoring, controlling and mitigating data management, privacy and record management risks to the Group.
• Adopt a proactive approach to threat risk assessment through appropriate stakeholder engagement and monitoring of the external environment to improve assurance planning.
• Define metrics and dashboards for monitoring and reporting purposes
• Participate in related workshops/forums to provide input on privacy processes and requirements for new products/initiatives
• Track completion of risk mitigation plans as per timelines agreed
• Process compliance related monitoring and support for data management risk sub types
• Support in driving actions for Improve Data Management knowledge and skills
• Increase awareness of data & privacy risk and processes within the assigned Business / Functions by supporting training programs, maintaining and uplifting supporting procedures and materials
• Ensure training needs of Business/Functions are shared with the Training Lead in the Programme

Regulatory and Business Conduct

• Display exemplary conduct and live by the Groups Values, Valued Behaviours, and Code of Conduct
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Our Ideal CandidateQualifications/ Skills:

• Extensive experience in a relevant role (e.g. Compliance, Legal, Audit) or experience in a data & privacy domain of a large organisation
• Experience in one of the following Business / Functions will be an added advantage (e.g. Retail Banking; Corporate & Institutional Banking; Wealth Management; Private Banking; Legal; HR; Operations; Risk)
• Good understanding of Information Security Policy, Privacy Policy, Data Management Framework & Records Retention Policy as well as Standards.
• Effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers
• Ability to perform the role of Change Leader
• Confident and courageous to raise/escalate issues in a pro-active, professional, and timely manner
• University degree with professional certification (such as CIPP, CIA, CISA, CISSP, or CISM) preferred
• Highly motivated individual with a strong track record of achievement
• A good team player
• Ability to multi-task and work under tight deadlines
• Excellent stakeholder management skills

Key Stakeholders

• Group COO - Trust, Data, and Automation
• Head Data Management & Privacy
• COO - various Business and Functions
• Chief Data Protection Officer
• Head of Operations - Automation
• Head ICS, Business & Functions
• Global Head of Assurance Cyber, Data & Automation
• 2nd line Risk & Compliance
• Chief Information Security Officer

Apply now to join the Bank for those with big career ambitions. To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.,

Keyskills :
salesdeliverycustomer relationsmarketingmanagement3rd party relationshipsbusiness process designsubject matter expertiseenvironmental impact assessment