Data Privacy Lead Analyst - Citi - #2094004

Discover your future at Citi
Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you'll have the opportunity to grow your career, give back to your community and make a real impact.

Job Overview
The IMPaCT Team combines the Cross Border Data Clearance function, the Enterprise Data Office, Privacy, and Records and Information Management. Within Citi's Data Transfer Office (DTO), the Control, Issue Analysis, and Governance team plays a critical role in upholding the integrity and compliance of cross-border data transfers. This team is integral to the broader Enterprise Cross-Border Data Clearance (CBDC) function, which drives the establishment and operationalization of Citi's enterprise-wide data transfer framework.

We are seeking an experienced Vice President (VP) for the Control, Issue Analysis, and Governance team within the Data Transfer Office. The successful candidate will be pivotal in fortifying the control environment for cross-border data transfers across major business segments. This role requires a robust understanding of regulatory requirements, intricate data transfer processes, and comprehensive control and governance frameworks. The VP will leverage subject matter expertise to conduct in-depth issue analysis, ensure rigorous control adherence, and actively contribute to the continuous enhancement of Citi's enterprise data transfer governance model, driving compliant execution across diverse jurisdictions and stakeholder groups.

Key Responsibilities

• Control Oversight & Assurance: Establish and maintain robust control mechanisms in alignment with regulatory changes. Perform periodic reviews to assess control effectiveness and compliance with the enterprise data transfer framework.
• Issue Analysis & Remediation: Lead the analysis of identified control deficiencies, compliance breaches, or operational issues related to data transfers. Develop and track remediation plans, ensuring timely and effective resolution and prevention of recurrence.
• Governance Framework Enhancement: Contribute to the continuous development and refinement of the DTO's target state operational and governance models, focusing on enhancing consistency, mitigating risks, and ensuring robust oversight of data transfer processes.
• Policy & Procedure Development: Aid in the creation and standardization of process guides and guidance documents to clarify work processes and ensure consistent application of governance standards across all data transfer activities.
• Control Implementation & Monitoring: Support the effective implementation of new control measures and monitor existing ones to ensure adherence to Citi's global data transfer framework, identifying opportunities for process optimization from a control perspective.
• Stakeholder Engagement & Advisory: Partner with Legal, Compliance, and Business teams to advise on governance requirements, interpret control standards, and ensure collaborative issue resolution and risk mitigation.
• Control Performance Reporting: Conduct comprehensive quantitative and qualitative analysis of control performance, issue trends, and remediation effectiveness. Develop insightful reports and dashboards to inform senior management and support data-driven governance decisions.
• Risk Assessment & Mitigation: Proactively identify, assess, and escalate control risks and gaps within the data transfer ecosystem. Develop and implement effective mitigation strategies and remediation plans to enhance the overall risk posture.

Qualifications & Experience

• Experience: 5-8 years of progressive experience in risk management, control assurance, issue management, or governance within global financial institutions or enterprise settings, specifically within data privacy, regulatory compliance, or data governance.
• Teamwork: Proven ability to collaborate effectively with cross-functional teams and control partners across diverse global structures.
• Regulatory Knowledge: Deep understanding of international data privacy laws and cross-border regulatory requirements (e.g., GDPR, CCPA), with an emphasis on their implications for control design and governance. Relevant certifications such as CIPP, CIPM, CIPT, CISA, or CRISC are highly advantageous.
• Technical Proficiency: Proficiency in MS Excel for data analysis, PowerPoint for professional reporting, and other standard office tools.
• Expertise in Risk & Control Frameworks: Demonstrable expertise in designing, implementing, and monitoring robust risk and control frameworks, including strong capabilities in process oversight, control testing, and issue management.
• Communication Skills: Exceptional written and verbal communication skills, with the ability to articulate complex control requirements, issues, and governance principles to diverse audiences.

Ideal Candidate Profile
The ideal candidate will possess the following attributes:

• Proactive & Adaptable: Proactive and adaptable in navigating complex regulatory landscapes and evolving control priorities.
• Analytical Problem-Solver: Demonstrates advanced analytical and problem-solving skills, with a methodical approach to issue identification, root cause analysis, and sustainable remediation.
• Collaborative Leader: Fosters strong collaborative relationships with internal teams and external control partners to drive consensus and achieve effective governance outcomes.
• Industry Knowledge: Brings a good understanding of financial services business models, operations, and enabling technology platforms.
• Analytical Skills: Possesses strong analytical and interpersonal skills.
• Communication Skills: Communicates clearly and confidently-able to articulate the story behind the data and translate complex issues into actionable insights.

Education:

• Bachelor's/University degree or equivalent experience

If you are a highly motivated, results-oriented individual with a passion for technology risk management, we encourage you to apply!

------------------------------------------------------

Job Family Group:
Data Governance ------------------------------------------------------

Job Family:
Data Privacy & Data Transfers ------------------------------------------------------

Time Type:
Full time ------------------------------------------------------

Most Relevant Skills