Director - Privacy Risk Management

About The Position

Requirements

• Bachelor's degree and professional privacy certifications with US focus (IAPP - CIPP/US required, CIPM preferred)
• Minimum 7 years privacy and banking compliance experience
• Minimum 5 years experience with US privacy regulations
• Demonstrated experience with US regulatory relationship management
• Leading privacy compliance programs in US financial services or similarly regulated industry
• Deep knowledge of CM & US privacy regulatory framework including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging US state privacy laws
• Direct experience with US privacy regulators including FTC, CFPB, and state enforcement agencies
• Experience managing privacy-related regulatory examinations, enforcement actions, and remediation programs
• Understanding of US financial services products and operations across Capital Markets, Wealth Management, and Consumer Banking
• Experience implementing privacy controls and governance frameworks in regulatory environment
• Knowledge of US privacy technologies including consent management and privacy rights automation platforms

Nice To Haves

• JD or advanced degree
• Additional US-focused certifications in data governance or financial services
• Expertise with privacy management platforms (OneTrust, etc.)
• Knowledge of AI governance and emerging privacy technologies
• Experience with US state privacy law implementation

Responsibilities

• Design, develop and implement privacy compliance programs for CM and US business segments in alignment with enterprise privacy standards
• Conduct Privacy Risk Assessments, Supplier Risk Management Assessments, Privacy Breaches and complaints.
• Help develop and maintain privacy policies, procedures, and control frameworks
• Collaborate with Global Privacy Office and enterprise functions to ensure consistent application of privacy standards
• Implement privacy-by-design principles and support emerging technology governance, particularly relating to artificial intelligence and automated decision-making within CM & US Operations
• Serve as primary privacy representative to US regulators including FTC, CFPB, state attorneys general, and relevant federal banking regulators
• Lead privacy-related regulatory examinations, inquiries, and enforcement discussions on behalf of CM & US Operations
• Oversee day-to-day privacy compliance activities including data subject access requests, privacy breach incident management, and regulatory inquiries specific to CM & US Operations
• Develop privacy metrics and reporting for senior US management on compliance effectiveness and emerging risks
• Lead a privacy team of up to 5 professionals with expertise in privacy regulations and financial services operations
• Provide advisory support and privacy expertise to CM and US business segment leaders and cross-functional teams
• Drive privacy awareness and training initiatives across CM and US Operations
• Participate in privacy committees, governance forums, and cross-functional projects
• Partner with US business segments to integrate privacy considerations into product development, marketing, and operational processes
• Collaborate with Legal, Compliance, Technology, and Risk Management functions on privacy-related initiatives
• Provide privacy expertise for US new business initiatives, system implementations, and process changes
• Support enterprise privacy governance through US-focused reporting, metrics, and risk identification
• Contribute to the maintenance of an effective control and regulatory integration program, focusing on sharing insights, themes and findings from exams, audits and regulatory changes with stakeholders to drive awareness of changes to expectations and changes to processes, controls and behaviors
• Enable alignment across LODs and stakeholders on control priorities that emerge from exams, audits and regulatory changes
• Drive efficiency through use of consistent approach and process used in the planning for and responding to and managing operational risks

Benefits

• Bonuses
• Flexible benefits
• Competitive compensation
• 401(k) program with company match
• Health, dental, vision, life and disability insurance
• Paid time-off plan