Data Protection and Technology Compliance - Senior Manager

  • SVP level
  • London, England, United Kingdom
  • Permanent, Full time
  • Holmes Search
  • 08 Aug 2018

Regional SME for GDPR, Data Protection and Technology Compliance and Conduct Program within Europe ensuring business strategies, plans and initiatives are executed and delivered in compliance with governing regulations, ethical conduct, internal policies and procedures. This will include responsibility for a Privacy Compliance and Data Protection program in accordance with the Privacy Risk Framework and local regulatory requirements as well as a Compliance program to support Digital and Information Technology, including collaboration with Information Security groups on regulatory aspects of Information Security and Cybersecurity.

Accountabilities

 

  • Champions a customer focused culture throughout their team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
  • Lead the Europe Privacy, Digital and IT Compliance and Conduct program in co-ordination with the Enterprise Privacy Office, members of the Europe Compliance team, the UK CISO and other relevant stakeholders. 
  • Implement the Bank's Privacy Management Framework to assist in demonstrating accountability measures and create a culture of privacy across the region.
  • Provide advice and counsel to the VP, Europe Compliance and regional senior management on regional strategic and operational compliance issues relating to privacy, data protection and IT compliance
  • Identify new regulatory requirements relating to privacy, data protection and IT security and maintain relevant associated records (such as eRCM).
  • Develop and maintain policies and procedures relating to privacy, data protection and IT security.
  • In conjunction with the Europe Compliance team, the UK CISO and other stakeholders, develop, maintain and conduct training on privacy and data protection in European Offices.
  • Conduct reviews and perform risk assessments relating to privacy, data protection and IT security as necessary and undertake monitoring and independent testing based on Compliance standards, identifying and escalating non-compliance and providing ongoing reporting, including through RCIMS.
  • Ensure that the Operating Models for individuals’ rights, breach and incident management and other requirements of the GDPR and associated rules and regulations
  • Take primary responsibility for Compliance input into DSARs, breach and incident management and reporting.
  • While maintaining the independence of the Compliance function, develops trusted relationships with business lines through advice and counsel on how to implement compliance solutions into the design of their products, systems and processes.
  • Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
  • Contribute to an environment in which his/her team pursues effective and efficient operations of his/her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, Privacy Risk Framework and Code of Conduct.
  • Participate in building an inclusive work environment.