Data Privacy Lead Analyst - C13 - FLORENCE

About The Position

Requirements

• 5-8 years of progressive experience in risk management, control assurance, issue management, or governance within global financial institutions or enterprise settings, specifically within data privacy, regulatory compliance, or data governance.
• Proven ability to collaborate effectively with cross-functional teams and control partners across diverse global structures.
• Deep understanding of international data privacy laws and cross-border regulatory requirements (e.g., GDPR, CCPA), with an emphasis on their implications for control design and governance.
• Proficiency in MS Excel for data analysis, PowerPoint for professional reporting, and other standard office tools.
• Demonstrable expertise in designing, implementing, and monitoring robust risk and control frameworks, including strong capabilities in process oversight, control testing, and issue management.
• Exceptional written and verbal communication skills, with the ability to articulate complex control requirements, issues, and governance principles to diverse audiences.
• Proactive and adaptable in navigating complex regulatory landscapes and evolving control priorities.
• Demonstrates advanced analytical and problem-solving skills, with a methodical approach to issue identification, root cause analysis, and sustainable remediation.
• Fosters strong collaborative relationships with internal teams and external control partners to drive consensus and achieve effective governance outcomes.
• Brings a good understanding of financial services business models, operations, and enabling technology platforms.
• Possesses strong analytical and interpersonal skills.
• Communicates clearly and confidently—able to articulate the story behind the data and translate complex issues into actionable insights.

Nice To Haves

• Relevant certifications such as CIPP, CIPM, CIPT, CISA, or CRISC are highly advantageous.

Responsibilities

• Establish and maintain robust control mechanisms in alignment with regulatory changes.
• Perform periodic reviews to assess control effectiveness and compliance with the enterprise data transfer framework.
• Lead the analysis of identified control deficiencies, compliance breaches, or operational issues related to data transfers.
• Develop and track remediation plans, ensuring timely and effective resolution and prevention of recurrence.
• Contribute to the continuous development and refinement of the DTO's target state operational and governance models, focusing on enhancing consistency, mitigating risks, and ensuring robust oversight of data transfer processes.
• Aid in the creation and standardization of process guides and guidance documents to clarify work processes and ensure consistent application of governance standards across all data transfer activities.
• Support the effective implementation of new control measures and monitor existing ones to ensure adherence to Citi’s global data transfer framework, identifying opportunities for process optimization from a control perspective.
• Partner with Legal, Compliance, and Business teams to advise on governance requirements, interpret control standards, and ensure collaborative issue resolution and risk mitigation.
• Conduct comprehensive quantitative and qualitative analysis of control performance, issue trends, and remediation effectiveness.
• Develop insightful reports and dashboards to inform senior management and support data-driven governance decisions.
• Proactively identify, assess, and escalate control risks and gaps within the data transfer ecosystem.
• Develop and implement effective mitigation strategies and remediation plans to enhance the overall risk posture.

Benefits

• medical, dental & vision coverage
• 401(k)
• life, accident, and disability insurance
• wellness programs
• paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays.