Join our team to shape the future of privacy and data protection. As a Privacy & Data Protection Risks Lead, you’ll drive impactful change, collaborating with experts across business, technology, and data. This role offers opportunities for career growth, skill development, and the chance to influence privacy practices at scale. You’ll be part of a team that values innovation, collaboration, and continuous learning. Make a difference by helping us navigate the evolving landscape of global privacy regulations.

As a Vice President – Privacy and Data Protection Risks Lead within the Privacy Office, you will assess and manage privacy risks throughout the data lifecycle. You will partner with Data Office, Cybersecurity, and Firmwide teams, as well as business legal and compliance teams, to ensure compliance with privacy laws and regulations. You will help shape privacy strategies, provide guidance on risk mitigation, and support the development of privacy solutions. You will work closely with technical experts and business teams to implement privacy by design and drive continuous improvement. Your expertise will help us maintain a strong control environment and meet consumer expectations.

The Privacy Office collaborates with the Firmwide Chief Data Office and Privacy Office to manage data privacy risks for the business. Our organization covers all aspects of privacy support, including regulation management, individual rights requests, governance, incident management, privacy impact assessments, and systems supporting international privacy rights. We provide oversight, guidance, and implementation support on privacy-related matters, working with Legal and Compliance partners to ensure effective controls. You will play a key role in evolving our privacy risk assessment process and supporting ongoing privacy initiatives.

Job Responsibilities

Conduct privacy risk assessments for AI, applications, products, services, third-party engagements, and business initiativesCollaborate with Legal, Cybersecurity, and other partners to develop and enhance privacy risk mitigation guidanceEvolve and enhance the privacy risk assessment process to manage compliance and internal policy obligationsManage and socialize the Privacy by Design FrameworkPartner with technical experts to develop and scale solutions to mitigate privacy risk, such as de-identification techniquesAdvise business, technology, and data teams on personal information classification based on laws and policiesProvide hands-on support to new business teams for privacy risk managementDevelop and present executive-level materials articulating privacy risks, key decisions, and impactsSupport ongoing privacy office and program initiatives

Required Qualifications, Capabilities, and Skills

Five years of experience in privacy and data protection programsExpertise with privacy impact assessments, data protection assessments, or privacy risk assessmentsExperience working with privacy laws such as GDPR, GLBA, and CCPAWorking knowledge of data privacy and protection frameworksWorking knowledge of Privacy by Design and Default principlesExperience in communicating and presenting to executive management audiencesExperience in developing and presenting privacy training to diverse teamsProven ability to develop relationships with varied stakeholder groups in a complex environmentExperience with complex operational, data, and technical conceptsProficiency in Microsoft Word, Excel, PowerPoint, Outlook, Visio, and SharePoint

Preferred Qualifications, Capabilities, and Skills

Experience in a regulated financial institutionIAPP Certification (CIPP/US, CIPT)Knowledge of Privacy Enhancing Technologies and TechniquesWorking knowledge of AI lawsWorking knowledge of PCI-DSS