Director, Privacy Operations
FINRA · Tysons Corner, VA · 3 wk ago
HybridManagement$134k/yrFull-time
About the role
The Director of Privacy Operations is a key member of Enterprise Data Privacy Office’s (EDPO) leadership team and is responsible for the development, implementation and maintenance of the organization's privacy governance frameworks, policies, procedures, and controls. This includes directing the organization's Data Privacy initiatives, privacy assessments, data loss reporting, departmental privacy engagement, and issue identification and resolution.
Responsibilities
- Serves as the escalation contact for privacy-related inquiries, requests, and audits from internal stakeholders and communicates complex privacy topics clearly and confidently to stakeholders at all levels.
- Led the privacy assessment process, working across departments to identify, mitigate, and remediate privacy risks.
- Leads and manages privacy incident response operations, including investigations, incident management, and remediation of data loss events.
- Manages the department's internal and external relationships relating to privacy technology solutions used to document and record privacy activities.
- Leads the collaboration with stakeholders across the enterprise to ensure data management policies and technical controls supporting privacy objectives are properly tuned, serving as a strategic advisor to FINRA’s technology and data governance initiatives, translating complex privacy objectives into operational frameworks that enable innovation.
- Directs the establishment of and reporting on metrics to the Board and FINRA executive management team covering the performance of the privacy program.
- Responsible for identifying staffing, technology, and training investments to support enterprise privacy objectives, in alignment with the Privacy Operations budget and resource allocation.
- Demonstrates FINRA’s values.
- Collaborates, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.
Requirements
- Bachelor’s Degree with a minimum ten (10) years of experience.
- Minimum five (5) years of experience working directly in data privacy roles, preferably in a regulated industry, required.
- Certified Information Privacy Professional (CIPP/US) or Certified Information Privacy Manager (CIPM) preferred.
- Experience supervising and implementing large-scale processes or projects.
- Demonstrated ability to lead, mentor, and develop staff.
- Demonstrated experience in conducting privacy compliance activities such as assessments, audits, and investigations to identify and mitigate risks.
- Experience managing and remediating privacy-related loss reports and incidents.
- Proficiency in creating and maintaining comprehensive risk registers a plus.
- Excellent collaboration and communication skills, with the ability to present complex topics to diverse stakeholders.
- Confident public speaker able to defend privacy-related recommendations.
- Exceptional analytical and problem-solving skills to assess privacy risks and develop mitigation strategies.
- Experience with privacy regulations, standards, and best practices.
Qualifications
- Education/Experience Requirements: Bachelor’s Degree with a minimum ten (10) years of experience. Minimum five (5) years of experience working directly in data privacy roles, preferably in a regulated industry, required. Certified Information Privacy Professional (CIPP/US) or Certified Information Privacy Manager (CIPM) preferred. Experience supervising and implementing large-scale processes or projects. Demonstrated ability to lead, mentor, and develop staff. Demonstrated experience in conducting privacy compliance activities such as assessments, audits, and investigations to identify and mitigate risks. Experience managing and remediating privacy-related loss reports and incidents. Proficiency in creating and maintaining comprehensive risk registers a plus. Excellent collaboration and communication skills, with the ability to present complex topics to diverse stakeholders. Confident public speaker able to defend privacy-related recommendations. Exceptional analytical and problem-solving skills to assess privacy risks and develop mitigation strategies. Experience with privacy regulations, standards, and best practices.
Skills
- Strong understanding of privacy regulations, standards, and best practices.
- Ability to communicate complex privacy topics clearly and confidently to stakeholders.
- Experience leading and mentoring a team.
- Proven track record of successfully managing privacy assessments and incident response operations.
- Experience in developing and maintaining comprehensive risk registers.
- Excellent collaboration and communication skills.
- Confident public speaker with strong advocacy skills.
- Exceptional analytical and problem-solving skills.
Benefits
Not specified.
Pay
Not specified.
Schedule
Hybrid work environment, with defined in-person presence requirements. Extended hours as needed. Travel occasionally required.
Application
To be considered for this position, please submit an application. Applications are accepted on an ongoing basis.