Manager, Privacy Program Governance & Operations (4906)

About The Position

Requirements

• Undergraduate degree (or equivalent) with a minimum of 5+ years of relevant experience.
• Demonstrated experience leading enterprise and/or cross-jurisdictional initiatives, influencing senior stakeholders, and providing independent challenge on complex risk and control matters.
• Deep understanding of Monitoring and Testing practices and methodologies, including risk-based planning, sampling, documentation standards, reporting, and issue lifecycle management.
• Demonstrated strengths in: strategic and critical thinking with sound judgement; structured problem solving and initiative; exceptional writing to create executive-ready reporting, governance documentation, and communications; stakeholder management and influence to build consensus and drive outcomes; and attention to detail and strong operational discipline.
• Proven ability to manage multiple priorities in a fast paced/evolving environment and to lead work through ambiguity with minimal direction.
• Excellent verbal and written communication skills with the ability to interact confidently at all levels of the organization, including facilitating forums and presenting recommendations to leadership.
• Strong proficiency in Microsoft Office (Excel, PowerPoint, Visio) with the ability to develop materials that support governance decisions.

Nice To Haves

• Background in Privacy (including certification with the International Association of Privacy Professionals), Compliance, Risk Management and/or Audit would be considered an asset.

Responsibilities

• Design, lead, and continuously enhance Privacy’s Monitoring and Testing activities (e.g., risk-based planning, sampling approaches, execution, reporting, and issue validation), and drive follow-up with accountable Owners to closure.
• Liaise with Privacy Compliance teams and jurisdictions to facilitate the development of an annual Global Privacy Monitoring Plan as per the Regulatory Compliance Management (RCM) Monitoring and Testing Methodology and obtain executive review and approval.
• Co-ordinate and execute monitoring activities on behalf of Privacy Compliance teams, including the jurisdictional offices.
• Support scoping and execution of Compliance-led testing activities with coverage of privacy laws, rules and regulations (LRRs).
• Act as the primary point of contact for all Monitoring and Testing activities and validate that all findings from the program are recorded in the Issues Management system.
• Oversee end-to-end execution and continuous improvement of TPRM Privacy Control Assessments (CAs), including defining scope, setting quality standards, and ensuring timely delivery of assessment outcomes and supporting artifacts.
• Facilitate updates to the CA question set, methodology, and operating procedures; evolve them to reflect emerging regulatory requirements, internal risk appetite, control expectations, and lessons learned from issues, events, and audits.
• Provide independent challenge and subject matter expertise to business and corporate segments on complex third-party privacy risk scenarios; articulate clear, practical risk-based guidance and escalation recommendations.
• Support cross-functional and cross-jurisdictional alignment with other Risk Oversight Functions engaged in TPRM to refine Privacy’s operating model, clarify roles and accountabilities, and improve end-to-end throughput and controls.
• Act as a key resource and ambassador for TD’s privacy program by building senior stakeholder alignment, influencing outcomes, and enabling consistent, enterprise-wide adoption of privacy controls and processes.
• Co-ordinate and/or contribute to audits, regulatory exams, and inquiries by gathering evidence, drafting responses, supporting remediation planning, and strengthening preventive controls.
• Lead and/or support the development, implementation, and maintenance of Privacy governance documentation (e.g., policies, standards, guidelines, procedures) for alignment to TD’s Enterprise RCM Framework and related standards.
• Keep Senior Manager informed and up-to-date about the status / progress of activities/initiatives all relevant and useful information related to day-to-day activities.
• Identify and drive automation and process streamlining opportunities, including through the use of AI enabled capabilities, that improve control effectiveness, monitoring and operational efficiency and enhance risk visibility across the program.
• Maintain a strong knowledge of relevant privacy LRRs and Privacy's Oversight Function accountabilities under TD's Enterprise RCM Program.
• Support special projects and strategic initiatives, as required, including representing Privacy Program Governance and Operations in enterprise working groups and forums.

Benefits

• base salary
• variable compensation
• health and well-being benefits
• savings and retirement programs
• paid time off
• banking benefits and discounts
• career development
• reward and recognition programs