CrawlJobs Logo
Citi Logo Citi · Finance

Privacy, Data Transfers and Records Management Risk and Strategy Lead

United Kingdom, Belfast · Job Posted January 22, 2026
Apply Position
Job Link Share

Job Description

The Privacy, Data Transfers and Records Management Risk and Strategy Lead is primarily responsible for; Enterprise Risk Management:Manage and report on Citi's risk appetite for Privacy, Data Transfers, and Records Management, including metric strategy and production. Strategic Initiatives:Lead and execute strategic initiatives for the Information Management, Privacy and Cross Border Data Transfers (IMPaCT) Function to drive business value and support senior leadership priorities. Function Oversight:Ensure effective operation of the IMPaCT Function, covering financial management, communications, and compliance with Citi's risk and control frameworks.

Job Responsibility

  • Responsible for overseeing and coordinating 1LoD risk appetite activities for the IMPaCT Function
  • Responsible for overseeing the IMPaCT functions business execution activities, including financial management, communications and compliance with Citi risk and controls frameworks
  • Deliver the IMPaCT Functions enterprise risk appetite metic strategy (including metric production activities where required) and coordinate with multiple teams across the IMPaCT function to ensure effective processes
  • Influences and negotiates with senior leaders (across multiple functions)
  • Collaborate with Technology, Operations, Information Security, Risk management, Compliance and other organizations across Citi to develop and implement effective solutions and process delivery, including technology investment request optimization for IMPaCT technology solutions
  • Preparation of clear, accurate and timely reports and escalations on risks, risk mitigation measures and compliance activities

Requirements

  • 10+ years of relevant experience in management consulting, strategy consulting or risk management, including experience overseeing functional operations
  • Strong understanding and experience with governance programs and risk appetite frameworks
  • Demonstrated ability to execute strategic initiatives and drive business value
  • In-depth knowledge of risk and control frameworks
  • Communicates effectively, develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences
  • able to drive consensus, and influence relationships at all levels
  • Collaborates effectively by building partnerships and working well with others to meet shared objectives
  • Ability to gain confidence and trust of others through honesty, integrity and authenticity
  • Strong negotiation, influencing and stakeholder management skills across a variety of stakeholders at different levels
  • Optimizes work processes by balancing effective / efficient processes with a focus on continuous improvement. Demonstrates ability to balance between understanding the “big picture” while paying close attention to detail
  • Organizational savvy
  • understands systems, management processes, knows where to go for information and how to interpret them
  • Bachelor's/University degree, Master's degree preferred

What we offer

  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Privacy, Data Transfers and Records Management Risk and Strategy Lead

8 matching positions

Counsel, Privacy, AI, and Data Protection

Why Valvoline Global Operations? At Valvoline Global Operations, we're proud to ...
Location
Location
United States , Lexington
Salary
Salary:
150000.00 - 175000.00 USD / Year
valvoline.com Logo
Valvoline
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor (JD) degree from an accredited law school and active license to practice law in at least one U.S. jurisdiction
  • Minimum of 8–12 years of legal experience, with significant focus on privacy, data protection, cybersecurity, and/or technology law
  • Demonstrated expertise in U.S. and global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA) and strong familiarity with emerging AI regulatory requirements
  • Experience advising on AI/ML technologies, data-driven business models, or digital products, including governance and risk management considerations
  • Proven experience building or supporting global privacy programs and operationalizing compliance frameworks (e.g., DPIAs, DSARs, data mapping)
  • Strong experience partnering with Product, Engineering, IT, and Security teams to translate legal requirements into practical solutions
  • Demonstrated ability to operate independently, manage complex cross-functional initiatives, and provide strategic, risk-based legal advice
  • Excellent communication, negotiation, and stakeholder engagement skills, with the ability to influence senior leaders
  • Ability to travel (approximately 10–20%) to support global business initiatives and team engagement
  • Collaborate effectively across global time zones, providing support to regional stakeholders and participating in meetings outside standard business hours as needed to support a globally distributed organization
Job Responsibility
Job Responsibility
  • Accountable for the design, implementation, and ongoing effectiveness of Valvoline's global privacy program, including governance structure, policies, and operational processes
  • Owns enterprise interpretation and application of global privacy laws (e.g., GDPR, CCPA/CPRA), establishing company-wide standards and guidance
  • Accountable for core privacy program operations, including DPIAs/PIAs, DSAR processes, data mapping, and records of processing activities, ensuring they are scalable, auditable, and consistently executed
  • Establishes and monitors program KPIs and metrics to measure compliance, maturity, and operational effectiveness
  • drives remediation where gaps exist
  • Leads integration of privacy-by-design principles into business processes, systems, and product development, ensuring consistent adoption across functions
  • Accountable for the enterprise AI governance framework, including policy development, risk classification models, and required controls
  • Owns the legal review and risk determination framework for AI/ML use cases, including defining approval thresholds and escalation criteria
  • Ensures AI initiatives meet regulatory, ethical, and internal governance standards, providing final legal guidance on high-risk or ambiguous use cases
  • Translates global AI regulatory developments into enforceable internal requirements, ensuring timely adoption across the enterprise
What we offer
What we offer
  • Health insurance plans (medical, dental, vision)
  • Health Savings Account (with an employer-base deposit and match)
  • Flexible spending accounts
  • Competitive 401(k) with generous employer base deposit and match
  • Incentive opportunity
  • Life insurance
  • Short- and long-term disability insurance
  • Paid vacation and holidays
  • Employee Assistance Program
  • Employee discounts
  • Fulltime
Read More
Arrow Right

Senior Director, Privacy and Cybersecurity

The Senior Director, Privacy and Cybersecurity provides leadership to protect Un...
Location
Location
United States , Alexandria
Salary
Salary:
144000.00 - 180000.00 USD / Year
unitedway.org Logo
United Way
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree required
  • Master's in Cybersecurity, Computer Science, or related field strongly preferred.
  • CISSP, CISM, CIPT or other Security Certification required.
  • 10+ years of expert-level experience in privacy, cybersecurity, or cyber law, with 5+ years experience in managing security team.
  • Excellent organization, communication, and motivational skills with an attention to detail.
  • Demonstrated success in cybersecurity program development and staff training/awareness.
  • Experience in facilitation bringing end users to appropriate solutions involving an appropriate balance between end user requirements and risk minimization.
  • A self-starter attitude and strong interpersonal skills with the ability to work independently and collaboratively and ability to interact with people at all levels.
  • Solid understanding of Privacy regulations, data management practices, and IT systems.
  • Understanding of large-scale System Development Life Cycle (SDLC) in addition to experience with implementation, integration, interfaces, data use mapping and flow design.
Job Responsibility
Job Responsibility
  • Serve as the Data Protection Officer (DPO) for United Way Worldwide
  • Monitor, interpret, and implement compliance with global privacy regulations (GDPR, CCPA, HIPAA, PIPEDA, etc.), along with analyzing and advising on recent trends for non-profit organizations
  • Lead alignment with established and emerging privacy laws and regulations applicable to local United Ways at a global level.
  • Develop, deliver, and drive awareness of data privacy and security privacy programs and training
  • Champion Privacy by Design when developing, implementing, or considering new data systems
  • Provide guidance and feedback in contracting/purchasing process to ensure vendors meet security/privacy requirements and to advise on optimizing data matters such as data minimization, flow, and security
  • Conduct Privacy Impact Assessments (PIA: Privacy of Data) and Data Privacy Impact Assessments (DPIA: Risk) and Transfer Impact Assessments (TIA)
  • Identify, build, or implement tools to manage privacy across systems
  • Oversee and manage Data Subject Access Request processes
  • Lead cybersecurity program in alignment with NIST CSF and NIST SP 800-53. Operationalize security practices.
What we offer
What we offer
  • health
  • dental
  • life
  • short-term and long-term disability
  • employee assistance program
  • 403(b) plan
  • tuition assistance
  • paid time off
  • family sick leave
  • medical appointment leave
  • Fulltime
Read More
Arrow Right

Data Privacy Specialist – Marketing

The Data Privacy Specialist in Marketing will oversee the implementation of data...
Location
Location
South Africa , Johannesburg
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree
  • +5 years’ experience in Data Privacy or related fields
  • Experience in implementing Data Privacy programs and controls in Marketing functions in multinational organizations
  • Understanding of Marketing processes and frameworks
  • Relevant degree and/or Data Privacy certifications and qualifications (e.g. CIPP/E/CIPM/AIGP)
  • Experience in advising on complex data protection matters with practical advice
  • Experience in working with or advising large, multinational organizations
  • Experience in working on compliance projects
  • Deep knowledge of global data protection laws and regulations
  • Demonstrates accuracy and thoroughness and high levels of attention to detail
Job Responsibility
Job Responsibility
  • Implement NTT DATA Inc.’s Data Privacy policies, processes, and standards within the Marketing function
  • Lead and support Data Privacy strategic projects and initiatives across global Marketing operations
  • Support the integration of global data protection requirements into Marketing processes, systems, and transformation initiatives
  • Contribute to and maintain the Record of Processing Activities (ROPA) for Marketing
  • Project manage the Data Privacy requirements of new Marketing transformation projects, digital tools, and initiatives
  • Support the implementation of Marketing centralization and integration initiatives
  • Ensure data migration, consolidation and integration activities involving personal data are conducted in compliance with applicable data protection regulations and NTT DATA Inc’s Data Privacy standards
  • Conduct or support Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), and Transfer Impact Assessments (TIAs)
  • Identify, document, and assess Data Privacy risks within Marketing and develop strategies to manage or mitigate them
  • Coordinate and support responses to Data Subject Requests (DSRs) related to Marketing data
  • Fulltime
Read More
Arrow Right

Data & Analytics Lead

We are seeking an individual who thrives in ambiguity, capable of driving data a...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Btech/ MBA/ PHD
  • Minimum of 10 -12 years of relevant business and functional experience
  • Data Engineering: Hands-on experience with Databricks/Delta Lakehouse, SQL, Python, PySpark, orchestration tools, and CI/CD
  • Visualization & Storytelling: Proficiency with Power BI/Tableau/Looker and ability to craft executive-level narratives
  • GenAI & Analytics: Exposure to GenAI/ML platforms and ability to apply them in procurement/supply chain contexts
  • Domain Knowledge: Strong understanding of procurement and supply chain processes, supplier master data, and compliance frameworks
  • Governance & Compliance: Knowledge of SOX, GxP, GDPR, and audit practices
  • Communication & Influence: Ability to simplify complex analytics for stakeholders across procurement, finance, IT, and executive leadership
  • Strategic Thinking: Ability to design scalable, future-proof data solutions
  • Collaboration: Strong cross-functional team collaboration skills, including mentorship and knowledge transfer
Job Responsibility
Job Responsibility
  • Develop and implement enhancements aligned with broader S2C strategic objectives and enterprise data strategy
  • Define and manage a data and analytics roadmap, prioritizing dashboards, AI/ML models, APIs, and data products
  • Track value delivery through KPIs such as cycle-time reduction, supplier risk mitigation, savings enablement, and user adoption
  • Build and manage pipelines into data lakes/lakehouses (e.g., Databricks/Delta), integrating ERP, CLM, SRM, and external data sources
  • Code in SQL and Python for data modeling, cleansing, and transformations
  • Implement robust data quality, governance, lineage, and audit controls
  • Deliver executive-ready dashboards and insights using tools such as Power BI, Tableau, or Looker
  • Establish visualization standards and KPIs to enable consistent decision-making
  • Convert complex analyses into clear, compelling narratives for senior stakeholders
  • Apply GenAI tools for procurement use cases, including contract intelligence, supplier summaries, and clause analysis
  • Fulltime
Read More
Arrow Right

Technical Project Manager

We are currently seeking a Technical Project Manager to join our team in Pune, M...
Location
Location
India , Pune
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8 years of progressive experience in technical project management, software engineering, or related technical roles
  • Minimum 3-4 years managing complex technical projects in Hybrid environments
  • Proven track record delivering software products or platforms from conception through production deployment
  • Experience working directly with software engineering teams managing full SDLC
  • Demonstrated success navigating complex technical landscapes with multiple dependencies
  • Background working in product-led organizations with cross-functional teams
  • Financial services or regulated industry experience highly preferred
  • Solid understanding of software development lifecycle (SDLC) and methodologies (Agile, Waterfall, DevOps)
  • Working knowledge of modern software architecture patterns (microservices, APIs, event-driven, serverless)
  • Familiarity with cloud platforms (AWS, Azure, GCP) and cloud-native development
Job Responsibility
Job Responsibility
  • Define comprehensive project scope, objectives, success criteria, and deliverables aligned with business strategy and technical requirements
  • Develop detailed project plans including work breakdown structures, schedules, resource allocation, budget estimates, and dependency mapping
  • Establish project governance structure with clear decision rights, escalation paths, and approval gates
  • Create realistic timelines incorporating technical complexity, resource constraints, and risk factors
  • Define and track key project milestones, deliverables, and quality gates
  • Coordinate and monitor project progress across multiple workstreams and technical teams
  • Track project performance against baseline using earned value management and agile metrics
  • Conduct regular status reviews with project teams and stakeholders
  • Identify schedule slippage, budget variance, or scope creep early and implement corrective actions
  • Manage project changes through formal change control processes
  • Fulltime
Read More
Arrow Right

Sr Specialist, Candidate Programs

The Sr. Specialist, Candidate Programs leads advanced operational oversight of t...
Location
Location
United States , Overland Park
Salary
Salary:
Not provided
https://www.t-mobile.com Logo
T-Mobile
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree OR combination of education and experience deemed equivalent
  • 3+ years of experience in background screening program management, recruiting operations, immigration program coordination, HR compliance, or shared services case management
  • Experience supporting Labor Certification (PERM) recruitment processes in partnership with Legal and Immigration teams
  • Proven experience managing domestic and international background screening initiatives and vendor relationships
  • Experience with Workday ATS and integrations between ATS and HRIS systems
  • Experience using ServiceNow or similar enterprise case management systems, including workflow optimization or reporting
  • Experience supporting M&A integrations, bulk screening projects, or large-scale program implementations
  • Experience with Accurate or similar background screening vendors and platform management
  • Advanced knowledge of background screening best practices, adjudication frameworks, and regulatory compliance for domestic and international screenings
  • Working knowledge of Labor Certification (PERM) recruitment requirements, documentation standards, and Department of Labor compliance expectations
Job Responsibility
Job Responsibility
  • Provide operational ownership of the end-to-end background check program, including domestic and international screening workflows, adjudication frameworks, compliance controls, and ServiceNow case management standards
  • Act as the escalation point for complex background check cases, ServiceNow case escalations, legal inquiries, and vendor disputes
  • coordinate with Legal and Risk for case review and final decisions
  • Oversee and optimize ServiceNow case management workflows related to background screening and candidate compliance, ensuring proper documentation, categorization, reporting accuracy, and SLA adherence
  • Analyze ServiceNow case trends and metrics to identify recurring issues, compliance risks, training gaps, and opportunities for process automation or operational efficiency
  • Partner with Legal and Immigration teams to support Labor Certification (PERM) processes, including coordination of recruitment documentation, candidate data validation, audit file preparation, and process tracking to ensure regulatory compliance
  • Support data integrity and documentation requirements related to Labor Certification cases, ensuring alignment between Workday ATS records, recruitment postings, and required audit materials
  • Own vendor relationships and contracts with screening providers
  • manage service level performance, coordinate vendor remediation, and lead vendor selection activities as needed
  • Lead candidate data governance within Workday ATS and related systems, ensuring high-fidelity data, scalable integration processes, and integrity between ATS and HRIS
What we offer
What we offer
  • competitive base salary and compensation package
  • annual stock grant
  • employee stock purchase plan
  • 401(k)
  • access to free, year-round money coaches
  • medical, dental and vision insurance
  • flexible spending account
  • paid time off
  • up to 12 paid holidays
  • paid parental and family leave
  • Fulltime
Read More
Arrow Right

Senior Director Privacy Counsel

Bumble’s mission is to foster healthy and equitable relationships across the glo...
Location
Location
United States , Austin; New York
Salary
Salary:
205000.00 - 275000.00 USD / Year
bumble.com Logo
Bumble Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • J.D. degree and active bar membership in good standing
  • 12+ years of relevant privacy and data protection experience, including in-house counsel roles with U.S.-based global companies
  • Deep understanding of global privacy regulations, including GDPR, UK GDPR, CCPA/CPRA, biometric specific laws and other U.S. privacy and data security frameworks
  • Demonstrated experience leading complex data breach and incident response programs, including coordination with InfoSec, legal assessments, and notification requirements
  • Hands-on experience owning and managing ROPA, DPIAs, and other GDPR compliance artifacts
  • Practical, risk-based mindset and strong organizational skills—comfortable building scalable systems that reduce redundancy and ensure compliance
  • Ability to distill complex regulatory requirements into clear, actionable advice tailored for business partners
  • Experience building teams and/or leading through senior cross-functional partners — setting standards, coaching, and creating clarity across ambiguous, high-impact work
  • Strong interpersonal and communication skills with a proven track record of influencing and collaborating across diverse global teams, including the ability to present to and advise senior leaders across the organization and the members of the Audit Committee
  • Deep alignment with Bumble’s mission, values, and global focus
Job Responsibility
Job Responsibility
  • Define Bumble’s global privacy strategy, operating model, and multi-year roadmap, navigating new uses of member data in AI models as well as the emerging regulatory schemes that will govern this work
  • Provide critical strategic legal guidance regarding privacy usage that drives both innovation and the Company’s commitment to privacy while building an efficient & scalable privacy compliance function - and partnering hands-on with leaders across the organisation
  • Drive scalable, cross-functional privacy compliance programs aligned with global frameworks including GDPR, UK DPA, CCPA/CPRA, and other U.S. state-level privacy laws, creating a data governance framework and implementing a data governance structure
  • Provide regular privacy reporting and presentations to the Audit Committee and senior leadership, clearly communicating risk, readiness, trends, and decisions in a way that supports strong governance
  • Partner closely with an external Data Protection Officer (DPO) and internal senior leaders to navigate EU and UK obligations, US privacy frameworks, and evolving regulatory expectations, negotiating solutions that preserve relationships and outcomes
  • Lead Bumble’s privacy-related cyber incident and data breach response program end-to-end in close partnership with Information Security—owning readiness and investigation/triage protocols related to privacy, making notification and regulatory reporting decisions across jurisdictions, coordinating regulator engagement, and driving post-incident remediation and lessons learned—serving as the senior escalation point for high-severity matters
  • Own and maintain core GDPR compliance documentation, including Records of Processing Activities (ROPA), Data Protection Impact Assessments (DPIAs), and Lawful Basis assessments and draft and negotiate Data Processing Agreements
  • Partner closely with InfoSec, Product, and Engineering teams to ensure security safeguards, privacy-by-design, and clear roles and responsibilities in incident preparedness
  • Partner closely with the member support function to respond to requests from members for access to or deletion of their data, and assist on (i) regulatory investigations from regulators in the US, UK and EU
  • and (ii) member claims in civil courts, in relation to Bumble’s response to members’ requests
  • Fulltime
Read More
Arrow Right

Senior Vice President

Senior Vice President role in the Data Transfers Office focusing on delivering a...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Progressive experience in privacy, regulatory operations, legal, compliance, or data governance within global financial institutions or enterprise settings
  • Proven success in managing and developing cross-functional teams across multiple time zones in complex, matrixed organizations
  • Strong working knowledge of international privacy laws and cross-border regulatory requirements including GDPR, CCPA
  • Hands-on experience with automation tools, workflow platforms, and AI integration in business processes
  • Demonstrated expertise in risk and control frameworks including process oversight and audit preparation
  • Prior consulting experience showcasing ability to diagnose issues and propose solutions
  • Strong proactive and analytical problem-solving mindset
  • Demonstrated ability to take ownership and deliver results
  • Exceptional track record of executive communications and advisory support
  • CIPP/CIPM/CIPT/CISA certifications an added advantage
Job Responsibility
Job Responsibility
  • Lead and operationalize cross-border data clearance activities covering privacy, outsourcing, localization, and data sovereignty requirements
  • Build and manage a high-performing team responsible for execution, coordination, and control adherence
  • Design and implement a scalable and efficient operating model aligned with Citi's global data transfer framework
  • Collaborate effectively across global legal, compliance, technology, and business teams
  • Drive product and automation development including AI-powered decision support systems and workflow integrations
  • Own and maintain the business-aligned Data Transfer Register
  • Conduct in-depth qualitative and quantitative analysis to evaluate process performance
  • Serve as a trusted advisor to business partners on framework implementation and regulatory interpretation
  • Produce and curate high-quality content including playbooks and guidance documents
  • Communicate complex regulatory and process information to senior management and stakeholders
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to learning and development resources
  • Fulltime
Read More
Arrow Right