Risk Manager – Privacy Incident Response, Reporting and Communications (Vice President)
Who we are
Northern Trust provides innovative financial services and guidance to corporations, institutions and affluent families and individuals globally. With 130 years of financial experience and nearly 20,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
What we do
Northern Trust’s international business has grown dramatically over the last decade. Some of our largest clients are located in Asia and Australia, which represents a rapidly growing client base for the company. Since 1986, we have been serving clients in Asia-Pacific (APAC), including corporate pension funds, investment managers, insurance companies, government agencies, family offices and corporations. Our intricate understanding of the region allows us to provide unique insights and strategic perspectives to our clients. Currently, we have client offices in Beijing, Hong Kong, Melbourne, Singapore, Seoul, Tokyo and Kuala Lumpur.
What you will do
Responsible for maintaining and driving the implementation of the Global Privacy Incident Response Program, Playbook and Processes to respond to privacy events impacting Northern Trust information and to provide assurance to internal and external stakeholders, clients and regulators of Northern Trust’s compliance with relevant laws and regulations across Business Units and Operational Functions in Northern Trust.
Reporting into the Global Head of Privacy, the role will focus on managing the Privacy Incident Response Framework and supporting the implementation of the Global Privacy Program and Policy across Northern Trust. Seasoned multi-disciplinary expert with extensive regulatory, technical, business and functional knowledge and expertise in incident response and communications, development of privacy metrics, raising awareness to and communicating effectively with Business Units and Operational Functions on the impact to Northern Trust from privacy events.
Act as principle Incident Management point of contact and Subject Matter Expert for the triaging and investigating of privacy events and responding to these within the applicable regulatory and client contractual requirements.
- Maintain and develop the privacy incident case management systems, business engagement and regulatory notification processes.
- Advise the Business on the applicable requirements of the Global Privacy Incident Response Program and deliver training and communications, in particular on the need to identify and report incidents, and to implement the appropriate remediation actions to prevent reoccurrence
- Develop and maintain metrics and reports for the Business, Committees, and Legal Entity Boards
- Maintain and develop processes and provide input into other Risk and Compliance disciplines, including Cyber Incidents, Insider Risk and Fraud Risk
- Preserve corporate memory and heritage
- Carry out monitoring activities to ensure risks associated with privacy events and remediation plans are implemented as necessary
- Develop and deliver training and communications to the Business, Privacy and Security Champions, and develop and maintain Partner Passport guidelines
- Line manage the Privacy Incident Operations Team in the Philippines
- Build and maintain excellent working relationships with the global, regional and local privacy, risk and compliance teams and Business Units and Operational Functions that are subject to privacy and information processing requirements
- Consistently display a balanced, cross-functional perspective, liaising with the rest of the business to improve efficiency, effectiveness and productivity
- Highly flexible and adaptable to change.
- 15 or more years of experience in financial / banking industry; at least 10 years of risk management or compliance experience.
- At least 5 years of working knowledge and expertise in Incident Management or a related subject e.g. Privacy.
- Candidates possessing Certified Information Privacy Professional (CIPP) or equivalent Privacy certifications are preferred.
- Knowledge of risk management and strategic goals for the bank's business and the financial services industry.
- In depth knowledge of regulations impacting incident management such as privacy and financial services regulations, acquired through formal education and work experience is required.
- Proven track record in developing and leading privacy risk and incident management and compliance strategies, policy and governance frameworks, implementation of controls to effectively manage compliance risks.
- Proven leadership experience in an information / data management and governance setting.
- Experience and knowledge of existing working practices in the financial services industry, including provision of technical advice, risk management, outsourcing, information security controls, data protection impact assessments, and governance and compliance.
- Proven ability to adapt to changing priorities, whilst maintaining focus on organization and team activities.
- Communication and analytical skills are necessary to consult with partners/clients, and analyze information and apply regulations.
As a Northern Trust partner, you will be part of a flexible and collaborative work culture, which has a strong history of financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company that is committed to strengthening the communities we serve!
We recognize the value of inclusion and diversity in culture, in thought, and in experience, which is why Forbes ranked us the top employer for Diversity in 2018.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and ethical companies. Build your career with us and apply today!
Want to learn more about our company? Visit our website.
For further information, and to apply, please visit our website via the “Apply” button below.