The Compliance Privacy Manager performs a key risk management role to ensure business lines and corporate initiatives comply with applicable federal and state Privacy laws and regulations. The Compliance Privacy Manager will apply risk, process management, and analytical skills to drive actions in support of privacy risk objectives for the Compliance department and impacted business lines. The Compliance Privacy Manager is responsible for delivering quality results and providing sound compliance advice to business lines as a subject matter expert. A successful Compliance Privacy Manager is a highly motivated, forward thinking self-starter who can work autonomously, is quick to adapt, technologically adept, a problem solver, and an adaptive learner.
- Closely follow emerging privacy trends across the country, including the development of new privacy laws. Identify trends in data and advise on identified current and emerging privacy risks
- Maintain subject matter expertise of applicable privacy laws and regulations such as FCRA, FACTA, TCPA, TSR, CAN-SPAM, GLBA, PIPEDA, UK DPA, FFIEC guidance, CCPA, CA SB1
- Provide effective challenge and guidance on privacy risks and support business lines through various interactions and forum engagements;
- Advise business lines on application of privacy requirements, development of controls and monitoring, remediation/corrective action of compliance breakdowns, and changes in law or regulation;
- Support and as necessary participate in evaluation of business line initiatives and processes from a privacy risk perspective;
- Assist business lines in developing and maintaining the Compliance Management Program (i.e. how to monitor, report, and train);
- Actively participate on complex projects by providing guidance, advice, and effective challenge
- Active involvement with privacy compliance testing and third party compliance
- Review privacy-related complaints generated from business lines and provide guidance on remediation; escalate and facilitate with subject matter experts, when necessary;
- Evaluate Internal Audit, Regulatory Exam, and self-identified privacy issues and events for compliance impacts;
- Assist in capturing, maintaining, and analyzing compliance data, interpreting it to ensure consistency and adequate Compliance Risk Management; and
- Participate in reporting activities used by Senior Leadership.
- Travel to various Capital One locations as necessary
- Bachelor’s Degree or Military experience
- At least 3 years of experience in compliance, or at least 3 years of experience in legal, risk management or audit
- Master’s or Juris Doctor Degree
- 6 years of experience in Privacy compliance, or 6 years of experience in legal, or 6 years of experience in audit
- CIPP (Certified International Privacy Professional) certification, or CRCM (Certified Regulatory Compliance Manager) certification, or ACAMS (Association of Certified Anti-Money Laundering Specialists) certification, or CISSP (certified information systems security professional), or CISM (certified information security manager)
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Application Submission Information: