Director, Data Management

Job Description

The Data Management and Privacy Process and Controls team is part of a recently formed 1st line centre of excellence within the Group Chief Data Office.The role will support the Head, Data and Privacy Process and Controls, the Data and Privacy Directors and the Data and Privacy Transformation Programme (DPTP), through the provision of effective service delivery model.The role will support the implementation and operationalization of capabilities to meet the DPTP goals. The role will also provide timely feedback, data and management information to relevant stakeholders.This is a hands-on, individual contributor role, working in a team of data management and privacy experts who provide subject matter expertise and advice, tailored to the businesses, regions and functions of the Bank. This role reports to the Head, Data and Privacy Process and Controls, who is based in Warsaw.Strategy
• Implement and manage operational processes which delivers outcome focused and timely service delivery.
• Analyse existing business and functional processes to identify automation opportunities in area of data management, data privacy and records management.
• Develop, track and analyse actionable metrics to continuously improve tools, procedures and provide visibility of operations to management.
• Support and coordinate with stakeholders in defining automation or remediation actions / solutions.
• Recommend process improvements to address control gaps and to enhance efficiency where possible.
Processes
• Provide robust challenge and escalation to senior management and all relevant business / function / region stakeholders to ensure activities achieve risk reduction.
• Maintain strong stakeholder engagement with the Chief Data Protection Officer, Heads of Operations, COO teams, 2nd line Risk and Compliance, 3rd line Group Internal Audit and Internal Risk Assurance teams to ensure alignment across stakeholder groups.
Governance
• Create and maintain DoIs, templates and trackers for the activities performed by the Team
• Maintain an up-to-date view of the Team vision, showing the target state toolset and processes
• Maintain a centralized view of the Team Book of Work, by month and by quarter
• Provide timely and accurate reporting to internal risk assurance team and appropriate forums /committees
• Ensure appropriate oversight to senior management and facilitate resolution of high impact risk and issues
People and Talent
• Practice a proactive self-orienting and self-motivating work ethic.
• Lead through example and build the appropriate culture and values.
• Set appropriate tone and expectations, and work in collaboration with internal and external stakeholders.
• Regularly share lessons learnt and best practice in a timely manner across a wide-ranging stakeholder group within businesses / functions.
Risk Management
• Facilitate the on the job learning from current and previous experience by identifying and communicating transferable lessons, helping to embed these lessons, and encouraging best practice.
• Adopt a proactive approach to threat risk assessment through appropriate stakeholder engagement and monitoring of the external environment to improve assurance planning.
• Assist in identifying, assessing, monitoring, controlling and mitigating data management, privacy and record management risks to the Group.
• Support liaison with Risk Assurance team on any Group Internal Audit and any regulatory inspections as required.
• Work with other risk assurance teams to drive efficiency, effectiveness and reduce duplication.
• Supporting Strategic Delivery and Risk Reduction
• Build effective relationships with stakeholders.
Regulatory and Business Conduct
• Display exemplary conduct and live by the Groups Values, Valued Behaviours, and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key Stakeholders
• Global Head - Data Management and Privacy
• DPTP Squad Product Owners, Scrum Masters and SMEs
• Data and Privacy Operations Directors and Mangers
• 2nd line Risk and Compliance
• 3rd line Group Internal Audit
• Group Data Protection Officer
• DPTP Transformation team
Our Ideal Candidate
• University degree with professional certification (such as CIPP, CIA, CISA, CISSP, or CISM) preferred
• Basic exposure to global data protection laws and practices preferred with an understanding of any of the following
  • Personal Data Protection Acts
  • General Data Protection Regulation
  • Cybersecurity Act
  • Safe Harbour and Multi-Jurisdictional IT / Privacy regulations and requirements such as cross-border data transfer.
• Previous exposure of data protection and privacy, data handling and data classification including (but not limited to) preferred: Data and application protection, cross border data restrictions, data classification, data discovery, data governance, data loss prevention, back-up / recovery, and retention, etc.
• Core understanding of Information Security Policy, Privacy Policy, Data Management Framework and Records Retention Policy as well as Standard.
• Effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers.
• Hands-on experience of designing and deploying at least one Data Management and Privacy tool such as PIA, TPPA or RoPA.
• Good organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise.
• Confident and courageous to raise/escalate issues in a pro-active, professional, and timely manner.
• Strong interpersonal skills to foster positive relationships with internal and external stakeholders.
• Demonstrates ability to work with limited direction and multi-task without loss of quality.
• Demonstrate understanding of and commitment to the Group s core values.
• Ability to exercise good judgment and objectivity.
• Ability to perform the role of Change Leader .
• Ability to commit up to 10% business travel.
• Good communication skill.
Role Specific technical Competencies
• Data and Privacy by Design
• Data Management
• Data Protection
• Cyber Security
• Data Privacy
,

Keyskills :
data loss preventionkeeping things simple3rd party relationshipssubject matter expertisedata privacyhuman skillscross borderinternal audit