Enterprise Privacy Compliance & Operational Risk Manager
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Job Description:
Enterprise Privacy is a global team of subject-matter experts responsible for Compliance & Operational Risk coverage of Data Privacy across the enterprise operating in a highly technical, fast-changing and dynamic environment. This job is responsible for the execution of the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy and the Compliance and Operational Risk Management (CORM) Program for data privacy risks. Key responsibilities include identifying, escalating, and mitigating risks in a timely manner, engaging with Front Line Units and Control Functions (FLU/CF) leaders globally, coordinating with the FLU/CF Compliance and Operational Risk Officer teams, executing the CORM Program and the Policies, identifying themes and trends, and conducting analysis for new and emerging risks. The successful candidate will deploy a combination of extensive data management and privacy risk expertise to support the Enterprise Privacy Office to deliver on business-critical strategic objectives.
Responsibilities:
- Assesses risks, associated controls and their effectiveness, driving compliance with applicable laws, rules, and regulations and adhering to policies.
- Engages in activities to provide independent compliance and operational risk oversight of Front Line Unit or Control Function (FLU/CF) performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management Program and Standard Operating Procedures.
- Identifies and escalates problems or issues that arise and drives actions to address the root causes that lead to compliance risk issues and/or operational risk losses, including opening new issues based on risk severity in the centralized issues tool.
- Manages inventory of processes, risks, controls, and associated metrics for risk appetite and limits, reporting violations of compliance or regulatory activities.
- Analyzes and interprets applicable laws, rules, and regulations to provide clear and practical advice to stakeholders, and identify and manage risks including monitoring the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintaining a comprehensive regulatory inventory, while supporting communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements.
- Responds to regulatory inquiries, other audits, and examinations and identifies regulatory training needs supporting the development of the training curriculum.
- Reviews and challenges FLU/CF process, risk, Single Process Inventory and FLU/CF Risk and Control Self-Assessment related to themes or trends, while monitoring the regulatory environment to identify regulatory changes applicable to area(s) of coverage.
Skills:
- Regulatory Compliance
- Reporting
- Analytical Thinking
- Interpret Relevant Laws, Rules, and Regulations
- Negotiation
- Policies, Procedures, and Guidelines Management
- Business Process Analysis
- Issue Management
- Monitoring, Surveillance, and Testing
Desired Skills:
- In-depth knowledge of or certification in law, rule, regulation and/or Data Privacy.
- International Association of Privacy Professional (IAPP) accredited certification programs.
- Working knowledge of privacy risk identification, assessment, and management frameworks, including issue management and designing, and implementing privacy-related controls.
- Excellent written and verbal communication and presentation skills, able to create compelling arguments and influence across all levels of the organization.
- Excellent relationship building skills to partner effectively across diverse, cross-functional teams in complex and rapidly changing environments.
Required Skills:
- Bachelor’s Degree or equivalent experience.
- 7 years minimum of business and functional experience in a Risk Management/Compliance/Audit role or a highly regulated domain.
Shift: 1st shift (United States of America)
Hours Per Week: 40
Pay Transparency details:
Pay range: $95,400.00 - $172,000.00 annualized salary, offers to be determined based on experience, education, and skill set. Discretionary incentive eligible. This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company. Benefits: This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
#J-18808-Ljbffr