Data Privacy Senior Analyst

• Complete the Privacy Impact Assessment (PIA) process and controls required for all initiatives, new products and services
• assess, evaluate, and validate controls through processes and tools such as the MCA and KRIs as appropriate for data privacy risk
• support the product heads, function heads, COOs and In Business Risk team on gap analysis and the implementation of global policy requirements and regional standards, and on the assessment of the legal and regulatory requirements with Country Legal and Compliance as well as the development of local procedures as related to data privacy
• support periodic reviews of the Business’s data privacy processes and control and validate changes as a result of such reviews
• track and review deviations and risk acceptances when raised and at the time of renewal to assess the need for deviations and ascertain that the business has implemented and documented effective compensating controls
• follow Escalation Policy and procedures to ensure effective escalation and socialization of material risk events and issues across businesses for any Data Privacy related items
• escalate material risk events and issues appropriately
• assist business in creation of Issues/CAPs related to Data Privacy as needed (issues and CAPs owned by Product/Region business owner). Track and escalate as necessary
• support the Business and Functions on reviews and audits on Data Privacy. Support the business on reviewing and responding to findings by reviewers
• work with Global In-Business Regulatory head on all reviews and audits to ensure appropriate preparation, pre-review assessments and post-review remediation
• coordinate and support the Business in the implementation of global, regional and local Data Privacy, regulatory and risk and control projects
• ensure high quality execution for Data Privacy programs for any Citi initiated programs, in coordination with Global Risk and Control and In Business Regulatory Engagement Head
• perform training on risk and control concepts, processes, tools, and on effective issue self-identification and testing
• customize global and regional training programs to cater for product specific or local requirements and/or additional nuances

• 5-8 years of relevant experience
• demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management or minimum two years in an Internal Audit, Risk Management, or Control Management related role
• working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls
• familiarity with privacy related technology considerations such as cookies, mobile devices, biometrics and geolocation data is desired
• strong project management skills
• optimizes work processes by knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
• ability to anticipate and balance the needs of multiple stakeholders, while monitoring tight deadlines or unexpected requirement changes
• ability to communicate effectively
• risk-based thinking and analytical mindset
• ability to build rapport and work closely with stakeholders
• up-to-date understanding of key Data Privacy risk and control concepts, tools and trends
• proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint)
• Bachelor's/University degree or equivalent experience

familiarity with privacy related technology considerations such as cookies, mobile devices, biometrics and geolocation data

• Cafeteria Program
• Home Office Allowance (for colleagues working in hybrid work models)
• Paid Parental Leave Program (maternity and paternity leave)
• Private Medical Care Program and onsite medical rooms at our offices
• Pension Plan Contribution to voluntary pension fund
• Group Life Insurance
• Employee Assistance Program
• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
• Flexible work arrangements to support you in managing work - life balance
• Career progression opportunities across geographies and business lines
• Socially active employee communities with diverse networking opportunities