Head, Data & Privacy Operations

Job Description

The Role ResponsibilitiesThe Head of Data & Privacy Operations role will lead a team of Data Management and Privacy Operations professionals within Group COO Data Management and Privacy 1 st line centre of excellence. The role will support businesses and functions across the bank in reducing their risks relating to data management, data privacy & records management. This support will include the deploying and operationalizing tools and processes specifically designed to meet the Bank s data aspirations (including risk reduction) through the strengthening of controls. Furthermore, the support includes providing a service to businesses and functions to guide and assist them in their usage of the data & privacy management toolset.The role holder will be responsible for driving adoption of the data management, records management & privacy tools and processes across the bank and also channelling feedback to the Data Management product owners, to enable continuous improvement and drive better client experience. The role holder will ensure that the team continuously improves its level of understanding not only of the toolset, but also of the bank s processes, with a view to becoming trusted advisors to process owners, on matters relating to data management and privacy. The role holder will bring a strategic mindset whilst also maintaining hands-on control over the outcomes that the team is responsible for. The role holder must be comfortable dealing with ambiguity and building strong stakeholder relationships and communication channels across the businesses and functions.This role will manage a cross disciplinary team data management, records management and data privacy professionals who provide subject matter expertise and advice, tailored to the businesses, regions and functions that they support across the Bank. The role holder will create the vision for the team and lead and motivate the team to achieve it.Providing Operational Support

• Implement and manage operational processes which deliver outcome focused & timely service delivery.
• Analyse existing business & functional processes to identify automation opportunities in area of data management, data privacy and records management.
• Recommend process improvements to address control gaps and to enhance efficiency where possible.
• Support & coordinate with stakeholders in defining automation or remediation actions / solutions.
• Develop, track & analyse actionable metrics to continuously improve tools, procedures & provide visibility of operations to management.

Risk Management

• Support liaison with Risk Assurance team on any Group Internal Audit and any regulatory inspections as required.
• Assist in identifying, assessing, monitoring, controlling and mitigating data management, privacy and record management risks to the Group.
• Adopt a proactive approach to threat risk assessment through appropriate stakeholder engagement and monitoring of the external environment to improve assurance planning.
• Work with other risk assurance teams to drive efficiency, effectiveness and reduce duplication.

Supporting Strategic Delivery and Risk ReductionBuild effective relationships with stakeholders to facilitate:

• The provision of timely & effective service delivery.
• Collaboration with other business, functions & 2 nd line compliance to improve risk controls.
• Grow trust with internal stakeholders and regulators by delivering best practice on data protection data and privacy.

Developing Capability and Supporting Success

• Facilitate the on the job learning from current & previous experience by identifying and communicating transferable lessons, helping to embed these lessons, and encouraging best practice.

Business, Functions, and Regions

• Provide robust challenge and escalation to senior management and all relevant business/function/region stakeholders to ensure activities achieve risk reduction.
• Maintain strong stakeholder engagement with the Chief Data Protection Officer, Heads of Operations - Automation, Chief Information Security Office, Head Information Protection, 2 nd line Risk & Compliance, and Internal risk assurance and COOs teams to ensure alignment across stakeholder groups

Governance

• Provide timely and accurate reporting to internal risk assurance team & appropriate forums /committees
• Ensure appropriate oversight to senior management and facilitate resolution of high impact risk and issues.

Leadership, People, and Talent

• Practice a proactive self-orienting and self-motivating work ethic.
• Provide strong leadership, management, and coaching
• Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with internal & external stakeholders.

Communication

• Regularly share lessons learnt and best practice in a timely manner across a wide-ranging stakeholder group within businesses/functions

Regulatory and Business Conduct

• Display exemplary conduct and live by the Groups Values, Valued Behaviours, and Code of Conduct
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key Stakeholders

• Group COO - Trust, Data, and Resilience
• Global Head Data Management & Privacy
• Chief Data Protection Officer
• Head of Operations - Automation
• Head ICS, Business & Functions
• Global Head of Assurance Cyber, Data & Automation
• 2 nd line Risk & Compliance
• Group Chief Information Security Officer
• Group Data Officer
• SIS & Head - Information Protection

Our Ideal Candidate

• 13 and more years of related experience
• Core understanding of Information Security Policy, Privacy Policy, Data Management Framework & Records Retention Policies and Standards.
• Basic exposure to global data protection laws and practices preferred with an understanding of any of the following: Personal Data Protection Acts, General Data Protection Regulation, Cybersecurity Act, Safe Harbour and Multi-Jurisdictional IT / Privacy regulations and requirements such as cross-border data transfer.
• Previous exposure of data protection & privacy, data handling and data classification including (but not limited to) preferred: Data and application protection, cross border data restrictions, data classification, data discovery, data governance, data loss prevention, back-up/recovery, and retention etc.
• Good organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise
• Strong interpersonal skills to foster positive relationships with internal and external stakeholders
• Effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers
• Ability to exercise good judgment and objectivity.
• Demonstrates ability to work with limited direction and multi-task without loss of quality
• Ability to perform the role of Change Leader
• Confident and courageous to raise/escalate issues in a pro-active, professional, and timely manner
• Demonstrate understanding of and commitment to the Group s core values
• University degree with professional certification (such as CIPP, CIA, CISA, CISSP, or CISM) preferred
• Ability to commit up to 10% business travel

Preferred

• Background in Data Protection & Privacy or Cybersecurity or Financial Crime Control related units within international financial services organisations.
• Data professionals or experience risk and control specialists preferred with background in cybersecurity, data protection & privacy.
• Knowledge of financial services and/or technology would be ideal but not a pre-requisite.

Apply now to join the Bank for those with big career ambitions.To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.,

Keyskills :
data loss preventionsubject matter expertisepersonal data protectiondata privacycross borderinternal auditrisk assurancedata managementrisk assessmentloss preventiondata governance