Data Privacy Senior Lead Analyst

• Conduct and manage Privacy Impact Assessments (PIAs) and maintain Records of Processing Activities (ROPAs) for O&T
• Help draft, renew, and update privacy notices and consents to comply with legal changes
• Advise businesses on privacy requirements, processes, and controls for initiatives, new products, and services
• Coordinate and execute responses to data subject requests
• Support periodic reviews of privacy processes, validating changes
• Support functions with data privacy reviews and audits
• Provide governance and oversight, operational risk management and controls leadership
• Ensure compliance with the Citi Global Privacy Policy
• Identification and management of operational risks associated with Privacy
• Complete the Privacy Impact Assessment (PIA) process and controls required for all initiatives
• Assess, evaluate, and validate controls through processes and tools
• Support the business in reviewing, maintaining, and enhancing Permanent Control Readiness
• Track and review deviations and risk acceptances
• Follow Escalation Policy and procedures
• Escalate material risk events and issues appropriately
• Track issue and CAP status and progress
• Coordinate and support the Business in the implementation of global, regional and local Data Privacy projects
• Perform training on risk and control concepts, processes, tools

• 10+ years of relevant experience
• Demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management experience or minimum two years in an Internal audit, Risk Management, or Control Management related role
• Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls
• Familiarity with privacy related technology considerations such as cookies, mobile devices, biometric and geolocation data
• Strong business analysis competency with historic success in shaping opportunities via conceptual thinking and abstract problem-solving capabilities
• Communicates effectively, develops and delivers multi-mode communications
• Collaborates effectively by building partnerships and working well with others
• Strong negotiation, influencing and stakeholder management skills
• Optimizes work processes by balancing effective / efficient processes with a focus on continuous improvement
• Up-to-date understanding of key data privacy risk and control concepts, tools and trends
• Proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint)
• Organizational savvy
• understands systems, management processes
• IAPP Certification is a plus

IAPP Certification