Director, Privacy Compliance Governance Team Lead

About The Position

Requirements

• Strong project management, process management, and organizational skills
• A proven track record of supporting and working across business lines and functions and with a senior management team
• The ability to navigate “gray space” or ambiguous situations to drive and execute an agenda in a fluid environment
• Solid teamwork skills; ability to build and leverage the capabilities of a high-performing team
• A focus on quality, timeliness, and accurate reporting delivery, both detailed-oriented and strategic, while managing delivery within tight timelines
• A strong reporting background, data visualization, and executive communication (both written and verbal)
• A successful track record of thriving in both a highly regulated industry and a fast paced, entrepreneurial, and dynamic environment
• Ability to balance operating independently with appropriate escalation and interaction with senior leadership
• A collaborative, energetic, solution-oriented, and innovative leadership style
• An understanding of key regulatory and audit requirements and three lines of defense risk management framework
• Bachelor’s degree or military experience
• At least 10 years of privacy, compliance, risk management, legal or audit experience
• At least 3 years of experience leading teams or people management

Nice To Haves

• Juris Doctor or Master’s degree
• 3+ years of experience in strategic consulting and strategic initiative management
• Certified Information Privacy Professional (CIPP), Certified Risk Professional (CRP) or Certified Regulatory Compliance Manager (CRCM)

Responsibilities

• Manage privacy compliance governance and corresponding processes that support our core business lines. This includes reporting, engaging with Audit, managing internal policies, trainings, and other core privacy-related processes (e.g., breach response, opt-out management)
• Oversee reporting for PC&R, including monthly and quarterly deliverables to leadership. Lead preparation of annual privacy reports for lines of business and oversee development of Identity Theft Red Flags report
• Lead the drafting, updating, and maintenance of privacy policies, standards, procedures, and training materials
• Facilitate and respond to audits and exams related to privacy, which includes internal and external requests
• Stay abreast of the changing, privacy regulatory environment and understand the impacts to Capital One, lead regulatory change task engagement and ensure PC&R advisors are aware of regulatory changes and tasks
• Maintain knowledge of applicable laws, regulations, and supervisory guidance, such as FCRA, FACTA, TCPA, HIPAA, CAN-SPAM, GLBA, CCPA/CPRA, GDPR, state privacy laws, and FFIEC guidance; keeping up with and advising the business on current and emerging developments
• Actively participate on complex projects by providing guidance, advice, and effective challenge
• Identify trends and develop metrics for understanding privacy risk across the company and participate in reporting activities used by Senior Leadership
• Collaborate across Risk Management, building connections with reporting and risk assessment teams. Assist in capturing, maintaining, and analyzing compliance data to support advising on risk and adherence to our compliance management program
• Ensure team fulfills on expectations and deliverables under the compliance management program

Benefits

• Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.