Privacy Officer, EMEA, VP

JOB SUMMARY:

The Corporate Privacy Office at State Street is seeking a privacy subject matter professional with experience in International privacy laws and regulations across the EMEA jurisdictions in which we operate.
The successful candidate will be part of a team supporting the Businesses and Corporate Functions across State Street and will play a key role in shaping and managing State Street compliance with all applicable data protection frameworks (in particular, the General Data Protection Regulation ("GDPR")), providing privacy related advice and guidance on a variety of privacy issues including, but not limited to, new business initiatives and commercial offerings, cross border data transfers, maintaining a register of processing activities and data flows, implementing EU Model Contract Clauses, assistance with the investigation and management of potential data breaches, conducting Privacy Impact Assessments, research into emerging privacy laws and trends, developing and delivering training etc. The successful candidate will also need to apply their subject matter expertise to pro-actively help embed strong privacy competence and capability across State Street.
This position is ideal for an individual who has already developed strong privacy subject matter expertise. This is an excellent opportunity to become part of a dedicated team of privacy professionals and to operate in a global, top-tier organization in the field of Banking and Financial Services . The position is based in London and reports to the Head of Privacy - EMEA

PRINCIPAL RESPONSIBILITIES:

The successful candidate will perform an authoritative advisory role in relation to data protection matters. In some areas the successful candidate will have direct responsibility, in others the role holders will advise and act through a local network of colleagues. Principal duties and responsibilities include :

• Maintain and develop knowledge of Privacy laws, Regulations and Enforcement, monitoring and reporting on new developments and trends across EMEA
• Provide advice to the Business Units/ Corporate Functions on new initiatives across jurisdictions in which State Street operates.
• Provide guidance on the implementation and management of cross border data transfer mechanisms
• Manage the Privacy Impact Assessments/ Data Protection Impact Assessment process across new projects and business initiatives
• Provide advice and guidance on day to day privacy compliance queries
• Able to react quickly and confidently to advise on and manage potential breaches/instances of non-compliance Interact with the local network to cooperate with the relevant Supervisory Authority as required
• Provide support to local network and functions to ensure that local operations meet State Street privacy obligations
• Interact with the relevant functions to support the development of the most appropriate technical, logical and organizational security controls to protect personal data
• Interact with the First Line of Defense regarding privacy and data protection issues with regard to their business processes
• Provide advice following both data processing audits and data breaches, working with the Business Units to address identified issues, review and refresh policies, procedures and guidelines on a regular basis
• Assist with the design of the Privacy controls compliance framework
• Develop, document, communicate and roll out the global privacy program for certain businesses within EMEA
• Responsible for the development and maintenance of the network of privacy professionals across the businesses (in the First and Second Line of Defense). Develop materials and tools that support education, training and awareness
• Ensure privacy training or communications to business teams reflect the applicable legal requirements
• Liaise and communicate with senior stakeholders

Prepare/review reports and management information for senior managers and the relevant committees

Qualifications
EDUCATION / EXPERIENCE / SKILLS:

The following are required:

• Experienced Privacy professional with strong operational focus
• Preferably ISEB or other local equivalent qualification gained from a recognized professional body or IAPP (i.e. CIPP/E qualified)
• Significant experience in privacy/data protection - at least 5+ years
• Experience in implementing privacy compliance change programs across global organizations
• Flexible approach and a strong team player
• Excellent organizational and project management skills with strong attention to detail
• Must have a customer orientation with the ability to interact comfortably with all levels of the organization
• Ability to collaborate and influence colleagues
• Understanding of compliance control procedures, preferably IT controls in addition to operational controls
• Proactive approach to problem solving and ability to adapt to shifting priorities, meet deadlines and execute in a fast-paced environment
• Able to juggle conflicting demands and prioritize effectively
• Strong IT proficiency, in particular with Word, Excel, Outlook and Sharepoint
• Fluent English written and oral communication skills

The following are strongly preferred:

• Familiarity with the three lines of defense model
• Familiarity with regulated environments
• Familiarity with Information Technology Control Frameworks
• Ideally experience of delivering privacy within a financial services environment but will consider individuals with strong privacy skills and experience
• Experience working in a Global company or an international Law Firm