- Support the Global Chief Privacy Officer and Head of Privacy (Americas) in the execution of their duties across the Americas region to help ensure that all Lines of Business and Business Partners fulfill their regulatory and organizational requirements to protect personal information while enabling business and technology innovation
- Support significant regulatory compliance initiatives, e.g. California Consumer Privacy Act (CCPA), Brazil LGPD, Cayman DPL, Bermuda PIPA, evolving US state laws and other new privacy laws which may emerge in US, Canada and LATAM
- Provide SME support to the business for Privacy compliance initiatives (e.g. impact analysis, delivery, templates, training)
- Provide SME support and enable the successful delivery of enterprise-wide change initiatives (e.g. Data as a Service, Cloud, Cybersecurity initiatives, Vendor Risk Management), through privacy compliance
- Develop, enhance, operationalize enterprise-level privacy policies/procedures, processes and controls, e.g. metrics, personal information inventory, data protection impact assessments (DPIAs), Privacy by Design, Vendor Risk and Management, etc.
- Conduct privacy risk assessments, data protection impact assessments (DPIAs), determine gaps, risks & remedial actions and embed Privacy by Design (PbD)
- Support the deployment of tools (automation) to enhance data privacy controls. Support includes providing Privacy SME support, training, artefacts
- Develop and deliver privacy education and awareness materials to internal and external stakeholders
- Other duties as assigned
- Bachelor's degree in computer science, actuarial science, finance, economics, mathematics/statistics or the equivalent combination of education and experience is required.
- 5-7 years of total work experience preferred.
- 3+ years of experience in related field (Privacy, Cybersecurity, Legal, Compliance, or other related field)
- Understanding of key privacy laws in US and throughout Americas (e.g., California Consumer Privacy Act (CCPA), FCRA, FACTA, GLBA, CalOPPA, TCPA, CAN-SPAM, CASL, HIPAA, HITECH, PIPEDA, EU General Data Protection Regulation (GDPR), Brazil LGPD, Cayman DPL, Bermuda PIPA, Cross-Border Data Transfers), state privacy laws
- Excellent verbal and written communication skills
- CIPP certification (e.g., CIPP/US, CIPP/E, CIPM, CIPP/C)
- Global privacy experience (US, Canada, LATAM, EU-GDPR)
- Financial Services experience
Application Submission Information:
Please visit BNY Mellon Careers to submit application.