Are you looking for an opportunity to expand your exposure to assist the business to design, execute, and investigate controls, incidents, processes, and procedures to ensure the proper usage and safeguarding of customer and third party data and other confidential information? Then, this is your opportunity to join the Asset and Wealth Management (AWM) Privacy team, assuming a key role to maintain and enhance a governance structure for executing the privacy requirements that are documented in Firm-wide Policies and supporting documents.

As a Data Privacy Lead - Vice President within Asset and Wealth Management Chief Data Office team, you will be responsible for assisting the business with the design and execution and investigation of controls, incidents, processes, and procedures to ensure the proper usage and safeguarding of customer and 3rd party data and other confidential information. You will be required to partner with business functions to drive implementation to comply with the data protection and privacy policy framework and requirements. In this role, you will manage the proper delivery and completion of Privacy awareness sessions or additional training working with Privacy Compliance to develop Line of Business/Product specific training and awareness campaigns to address emerging risks or control deficiencies. Lastly, you will be an active member in the appropriate Privacy, Business and Control Committees and Forums to provide transparency through reporting on business privacy risks and issues, controls, project updates or other privacy matters requiring escalation.

Job responsibilities:

• Have the appropriate stature, authority, and accountability to implement and execute the First Line of Defense Privacy operating model that adheres to firm-wide requirements and drive required results
• Work with Privacy Champions as well as Privacy teams in other lines of business and assist Privacy Compliance with cascading privacy communications throughout the business to improve awareness of privacy requirements
• Influence management decisions around usage and access to resources in the business that are commensurate with the level of privacy risks in order to drive the control requirements and/or enhancements
• Ensure effective execution of privacy and data protection requirements, maintenance of privacy related procedures and adherence to such procedures
• Provide support the respective Privacy Compliance and Privacy Legal contacts and participate in privacy workgroups, strategic projects or targeted reviews that require business engagement
• Assist the business with the design and execution of controls to address privacy business requirements and mitigate privacy risks
• Assess the impact of privacy regulatory changes on the business & technology operations, processes or procedures, including modifications needed. Provide transparency to Privacy Compliance and Privacy Legal into the Line of Business preparedness for complying with regulatory change
• Assist the business with preparing for privacy related exams, compliance tests and internal audits and notify and engage Privacy Compliance during such reviews.
• Work within the business to ensure that privacy incidents are reported timely and accurately to the Incident Response Team, in accordance with policy; assist in determining necessary client and/or regulatory notifications as appropriate.
• Provide transparency to business and compliance management through accurate reporting and metrics based on identified business risks, results of self-assessments, control environment, tests, audits and external events with potential impact to the business.
• Evaluate new projects, suppliers, technologies through the appropriate firm-wide control processes e.g. Third Party Oversight, New Business Initiative Assessment, Inter-Affiliate Services

Required qualifications, capabilities, and skills:

• Bachelor's Degree
• At least 8 years of working experience in Asset Management, Private Banking, Compliance, Audit or Controls sector relevant experience with at least 5 years of experience working in a control, compliance, investigation or data function
• Understanding of processes and information flows for business and operational units that manage customer, employee data and other confidential information
• Ability to work well with a geographically dispersed group of privacy, business and control professionals
• Proven experience delivering timely, high quality presentations and/or reporting for various projects and stakeholders. Attention to detail is a must
• Good understanding of the data privacy and protection regulatory requirements in China (e.g. Personal Information Protection Law, Cyber Security Law, Data Security Law) and experience in driving changes to meet the applicable requirements
• Demonstrated ability in dealing with different stakeholder groups including Business, Marketing, Technology and Operations
• Experience in driving the agenda and both influencing and implementing change
• Excellent communication, organization and relationship management skills with ability to read, write, and speak Mandarin
• Ability to articulate and demonstrate thoughtful rationale in process and product design decisions
• Self-motivated, tenacious and able to work with high degree of independence with strong time management and prioritization skills

Preferred qualifications, capabilities, and skills:

• Certified Information Privacy Professional/Asia (CIPP/A) privacy certification will be beneficial but not strictly required