Head of Data Privacy & Data Regulatory Compliance

About The Position

Requirements

• Evidencable knowledge and skills in Financial Services, specifically Investment Banking
• Successful track record of implementing data management strategy and framework in an automated, tooling led environment.
• Good understanding of data management tooling, architecture, and application into financial services
• Strong stakeholder influencing and communication skills
• Leadership and delivery within a global, matrix delivery environment

Responsibilities

• Lead and integrate IB-wide data privacy and records management strategy and operations, ensuring compliance with legal, regulatory, and business requirements.
• Act as senior control owner for data privacy and records management, embedding strong governance, risk, and control frameworks.
• Oversee all data privacy activities, including DPIAs, RoPAs, privacy control reviews, and maintenance of privacy notices.
• Drive data privacy awareness, training, and cultural adoption across the IB.
• Govern classification, retention, storage, and disposal of records in line with Group Data & Records policies.
• Lead records assurance activities (Records TSA, RTS workshops) and manage inventories, action logs, and remediation.
• Shape and influence the IB-wide data strategy, operating model, simplification initiatives, and tooling enhancements.
• Drive transformation of the function through data-led, technology-enabled approaches aligned to industry best practice.
• Represent IB CDAO in cross-functional forums and external regulatory/legal engagements.
• Provide regional leadership for the US, acting as primary point of contact and ensuring alignment with global objectives and regulatory expectations.
• Oversee day to day regional operations, ensuring effective service delivery, policy adherence, risk management, and continuous improvement.
• Ensure compliance with all applicable US federal, state, and local regulations.
• Lead and develop the regional team, setting clear objectives, driving performance, supporting training, and enabling succession planning.
• Build strong stakeholder relationships across business units, compliance, technology, regulators, and vendors.
• Communicate regional priorities, achievements, risks, and issues to global and regional leadership.
• Maintain robust governance frameworks and ensure accurate documentation, reporting, and record keeping.
• Identification and assessment of potential risks related to data privacy and implement measures to mitigate these risks and enhance overall data protection.
• Development and implementation of an effective incident response plan for data breaches and coordinating with relevant teams to investigate and address incidents promptly.
• Provision of data privacy training and awareness to employees by educating employees about their data privacy obligations, how to manage personal data securely, and how to identify and report data privacy breaches.
• Identification of areas for improvement and implementation of enhancements to the data privacy programme.
• Development and implementation of data privacy policies, procedures and monitoring the adherence to these policies across the organisation.
• Development and implementation of Barclays Data Privacy strategy aligned with the bank's business objectives and regulatory requirements.
• Definition and enforcement of data privacy policies and procedures to ensure data protection, security, and compliance.
• Partnering with stakeholders to drive improvements in the understanding, appropriate use and protection of personal data.
• Development and maintenance of a comprehensive data privacy governance framework aligned with regulatory requirements and industry standards.