Data Protection Officer - South Asia (Senior Vice-President)

Whether you’re at the start of your career or looking to discover your next adventure, your story begins here. At Citi, you’ll have the opportunity to expand your skills and make a difference at one of the world’s most global banks. We’re fully committed to supporting your growth and development from the start with extensive on-the-job training and exposure to senior leaders, as well as more traditional learning. You’ll also have the chance to give back and make a positive impact where we live and work through volunteerism.

Shape your Career with Citi

Citi’s Global Legal Affairs and Compliance (GLAC) empowers and protects Citi by providing legal, compliance, investigative, and security services to our firm. We manage compliance risk, provide legal analysis and advice, protect Citi’s people and businesses, advocate for legal and regulatory outcomes that benefit our firm and our clients, and ultimately promote behavior that is consistent with Citi’s mission and culture.

We’re currently looking for a high caliber professional to join our team as Senior Vice President, Data Protection Officer - South Asia - Hybrid (Internal Job Title: Compl Risk Mgmt Sr Officer I - C14) based in Singapore. Being part of our team means that we’ll provide you with the resources to meet your unique needs, empower you to make healthy decisions and manage your financial well-being to help plan for your future. For instance:

• Citi provides programs and services for your physical and mental well-being including access to telehealth options, health advocates, confidential counseling and more. Coverage varies by country.
• We believe all parents deserve time to adjust to parenthood and bond with the newest members of their families. That’s why in early 2020 we began rolling out our expanded Paid Parental Leave Policy to include Citi employees around the world.
• We empower our employees to manage their financial well-being and help them plan for the future.

Serves as a senior compliance risk officer for Independent Compliance Risk Management (ICRM) responsible for establishing internal strategies, policies, procedures, processes, and programs to prevent violations of law, rule, or regulation and design and deliver a risk management framework that maintains risk levels within the firm's risk appetite and protect the franchise. In addition, engages with the ICRM product and function coverage teams, in order to partner to develop and apply CRM program solutions that meet business and customer needs in a manner consistent with the Citi program framework.

Citi is looking to recruit an experienced Data Protection Officer (DPO) to meet its obligations under the Privacy Laws of South Asia. Reporting to the International Head of the Office of Privacy and Responsible Information Management, the statutory DPO will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the Laws, Rules and regulations for the South Asia region. The DPO will have oversight of staff training, data protection impact assessments, amongst other tasks. The DPO will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the organization. Essential Duties and Responsibilities: In this role, you will work closely with the Business Privacy Officers, Legal, Compliance, Public Policy, and Information Security functions to develop and monitor policies and standards applicable to the business and in compliance with the regulatory requirements.

In this role, you’re expected to:

• Implement measures and a privacy governance framework to manage data use in compliance with the regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
• Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
• Serve as the primary point of contact and liaison for the South Asian Data Protection Authorities on all data protection related matters under the regulations.
• Serve as the primary point of contact for queries in the business.
• Participate in the Data Privacy governance forums and committees where applicable.
• Manage and conduct ongoing reviews of Citi's privacy governance framework including Binding Corporate Rules (BCR).
• Monitor changes to local privacy laws and make recommendations to senior management when appropriate.
• Set standards and review policies and procedures globally that meet the requirements under the regulations and any localization requirements in countries of operation.
• Develop and deliver privacy training to various business functions.
• Develop strategies and initiatives to ensure engagement with key internal and external stakeholders.
• Coordinate and conduct data privacy audits.
• Collaborate with the Information Security function(s) to raise employee awareness of data privacy and security issues and provide training on the subject matter.
• Collaborate with the Information Security function(s) to maintain records of all data assets and exports and maintain a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs).
• Work with designated privacy law attorneys across Citi's offices and, where necessary, outside counsel to help advise on local data privacy law issues.
• Promote effective work practices, work as a team member, and show respect for co-workers.

As a successful candidate, you’d ideally have the following skills and exposure:

• 10+ years’ experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
• Experience in developing policy and compliance training.
• Experience working in a regulated industry.
• Strong knowledge of data privacy and data protection regulation, and a good understanding of other major privacy frameworks and evolving legislation worldwide.
• Sufficient knowledge of information technology and data management systems required.
• Well-developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels of the firm.
• Experience of working in a large, global organisation.
• Ability to work unsupervised, exercise leadership, and influence change.
• Excellent writing and presentation skills.
• Strong change and project management skills, including the ability to manage time well, prioritize effectively, and handle multiple deadlines.
• Ability to undertake large, long-term projects, develop alternative methods to complete them, and implement solutions.
• Ability to use independent judgment and discretion when making majority of decisions.
• Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
• Ability to handle confidential and sensitive information with the appropriate discretion.
• Knowledge of PC applications, including MS Office.

Education:

• Hold at least one Data Protection and/or Privacy certification such as CIPP/A, CIPT, AIGP (preferred).
• Bachelor’s degree; experience in compliance, legal or other control-related function in the financial services firm, regulatory organization, or legal/consulting firm, or a combination thereof; Advanced degree preferred.

Working at Citi is far more than just a job. A career with us means joining a family of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Take the next step in your career, apply for this role at Citi today

------------------------------------------------------

Job Family Group:

Compliance

------------------------------------------------------

Job Family:

Compliance Risk Management

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.