Compliance Manager, IT​/Tech

Overview

We are seeking a Privacy Risk Professional / Privacy Manager to enhance our enterprise privacy and compliance efforts to support Citizens’ customer-centric and innovation-minded growth. You’ll identify, assess, and manage privacy risks across Business Lines with exposure to financial institution laws, regulations, operations, cybersecurity, and data protection practices. This role executes the Privacy Office strategy for compliance with Citizens policies and applicable laws and regulations, and supports data-driven decision-making across privacy initiatives.

• Partner with Business Lines/Divisions to ensure timely identification, mitigation, resolution, and escalation of existing and emerging privacy risks
• Work independently and with risk partners, business stakeholders, and third-party vendor management teams to perform privacy vendor assessments
• Implement Privacy by Design (PbD) practices across the organization to support identification and remediation of privacy risk
• Execute cross-functional, bank-wide strategies for compliance with Citizens policies, existing and emerging regulations and laws, and future Federal and State laws as enacted
• Provide guidance, oversight, and challenge to risk partners and Business Lines/Divisions regarding privacy-related risks
• Collaborate with risk partners and Business Lines/Divisions to assess privacy-related controls to ensure compliance with applicable Citizens policies, laws, rules, and regulations
• Perform independent privacy risk assessments of regulations and laws (e.g., GLBA, GDPR, CCPA, COPPA, TCPA, CAN-SPAM and other regulatory frameworks) to evaluate risks and propose mitigation controls/strategies
• Complete Privacy Impact Assessments on new business initiatives and products to identify potential privacy risks
• Assist in investigating and remediating privacy incidents
• Create, design, monitor, and analyze key risk metrics to identify emerging and potential privacy risks, trends, and issues, and escalate appropriately
• Create, design, monitor, and analyze key performance metrics to measure Privacy Program performance and engagement
• Partner with Second Line of Defense functions to influence improvement in risk culture, privacy risk profile, and control effectiveness
• Support Privacy Office in development, maintenance, and enhancement of the Privacy Program
• Leverage strong data skills to manage and analyze privacy-related data, build dashboards, and generate reports that support strategic decision-making

• 2+ years privacy experience
• Working knowledge of privacy-related risks associated with a banking institution and experience building effective privacy programs
• Experience with identifying and mitigating privacy risks associated with Marketing/Ad Tech preferred
• Experience with consent and preference management law, regulations, and business line support preferred
• Incident Response experience preferred, including leading investigations and notification/response activities
• Familiarity with reading, interpreting, and applying privacy policies, procedures, regulations, and laws
• Strong legal research skills preferred
• Detail-Oriented: careful and thorough in handling privacy-related data and documentation
• Excellent Communicator: able to translate complex privacy terms into understandable concepts and actionable tasks
• Collaborative Team Player: works well with diverse teams and incorporates feedback
• Independent Worker: self-starter; able to initiate and complete prioritized tasks without constant supervision
• Critical Thinker: able to identify privacy issues, think through solutions, and articulate options
• Technically proficient in Microsoft Excel (pivot tables, VLOOKUP, advanced formulas) and privacy tools (One Trust, Tableau, Python, Gen AI, SQL) and related technologies
• Data-Centric: comfortable working with large datasets to drive insights
• Proficiency with Microsoft Office suite

• Bachelor’s degree required
• IAPP certification strongly preferred
• CISSP/CISA certification welcomed
• AWS Cloud Practitioner certification welcomed
• Artificial Intelligence governance certification welcomed

Some job boards have started using jobseeker-reported data to estimate salary ranges. If you apply and qualify, a recruiter will discuss accurate pay guidance.

Citizens, its parent, subsidiaries, and related companies provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, disability, race, ethnicity, gender, gender identity or expression, genetic information, marital status, medical condition, military or veteran status, national origin, pregnancy, or any other category protected by law. Employment decisions are based solely on merit, qualifications, performance and capability.