Senior Privacy Compliance Operations Analyst (US)

TD•Portland, ME

4d•$72,280 - $108,160•Onsite

About The Position

TD Bank US Compliance is on a mission to build a more resilient and scalable compliance risk management function. As part of this team, you'll play a key role in reshaping compliance structures and processes, driving innovation at every level. Each team member has a chance to make a tangible impact – both in day-to-day operations and in the design of a future-focused compliance program. This is about creating a culture of compliance that will cascade throughout the organization. The ideal candidate will thrive in a fast-paced, start-up-like setting as we build a new compliance structure that aligns with the bank’s size, complexity, and risk profile. In this role, you’ll need to be strategic, tactical, collaborative and creative in your approach. You will manage day-to-day operations while also helping design and implement a forward-thinking compliance program for the future. Beyond technical expertise, we’re looking for someone with an entrepreneurial mindset—someone who can "roll up their sleeves", takes the initiative and can anticipate needs before they arise. A comfort level with ambiguity and the ability to excel in a dynamic, evolving landscape are essential as the US Compliance team redefines the bank's compliance program and structure. Most importantly, the right candidate is seeking an intellectual challenge, has a desire to learn, and is committed to building something impactful from the ground up. At TD Bank, you’ll have the unique opportunity to help shape the future of the bank while collaborating with a team of enthusiastic colleagues dedicated to setting new industry standards. We are seeking a detail-oriented Privacy Compliance Operations Analyst, who serves as a key member of the U.S. Privacy Office, providing second-line oversight for privacy compliance governance and operational risk management. This role ensures adherence to U.S. privacy regulations, including biometric privacy laws, and oversees third-party compliance risks. The analyst supports regulatory change management, policy alignment, and monitoring activities under the Enterprise Regulatory Compliance Management (RCM) Framework.

Requirements

Undergraduate degree or equivalent work experience
5+ years of experience
Privacy Compliance work experience in the industry.
Analytical and problem-solving skills.
Excellent communication and stakeholder management abilities.
Ability to interpret complex regulations and translate them into actionable policies.
Organizational skills for handling multiple priorities.
High attention to detail and risk awareness.
Must be willing to work 4 days a week in the Mt. Laurel, NJ office location site.

Nice To Haves

Any knowledge of Third Party Risk Management.
Bachelor degree and IAPP licenses an added advantage (a plus)

Responsibilities

Monitor and assess emerging U.S. privacy regulations, including biometric. Update internal policies, standards, and controls to maintain compliance. Collaborate with US regulatory change office (USCRCO), and business stakeholders to implement changes effectively.
Assist in Developing and maintaining governance frameworks for biometric data collection, storage, and usage. Perform Privacy Assessments for initiatives involving biometric identifiers. Ensure compliance with state-specific biometric privacy laws (e.g., BIPA) and enterprise risk appetite.
Conduct risk assessments and due diligence for vendors handling personal or biometric data by reviewing contracts and deviation reports such as MSA, SOW, etc.. Ensure contractual obligations align with privacy requirements and enterprise standards. Partner with Vendor Compliance teams to monitor adherence and escalate material risks.
Review and validate privacy-related contractual clauses, including data protection addendums and breach notification requirements. Ensure contracts align with U.S. privacy laws and biometric data regulations by reviewing contract deviations including MSA's, SOW's and NDA's.
Support the U.S. Privacy Office in maintaining policies, standards, and exception management processes.
Execute risk-based monitoring.
Prepare reports for senior management and escalate material compliance gaps.
Familiarity with privacy frameworks, principles and laws. Understanding of regulatory change management processes and compliance monitoring tools.