Mediabistro logo
job logo

Director - Privacy Risk Management

RBC Capital Markets, LLC · New York, NY, USA ·

Pay:
$130,000-$200,000/yr
Job type:
Full Time

Job Description

This role is responsible for developing and implementing privacy risk management programs across RBC's CM & US Operations (CUSO) including Capital Markets, RBC Bank, City National Bank and US Wealth Management. You will implement comprehensive privacy compliance frameworks that meet US federal and state regulatory requirements while supporting business objectives.

The role encompasses privacy program management, regulatory relationship management and oversight of privacy risk management initiatives. You will serve as RBC's primary privacy representative to US regulators, providing expertise on CM & US privacy matters including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging state privacy laws.

Reporting to the MD Data Management, you are integrated into the CUSO/CM Chief Controls Office team.

What will you do?

Privacy Program Development and Management

  • Design, develop and implement privacy compliance programs for CM and US business segments in alignment with enterprise privacy standards
  • Conduct privacy risk assessments, supplier risk management assessments, privacy breaches and complaints; help develop and maintain privacy policies, procedures, and control frameworks
  • Collaborate with Global Privacy Office and enterprise functions to ensure consistent application of privacy standards
  • Implement privacy-by-design principles and support emerging technology governance, particularly relating to artificial intelligence and automated decision‑making within CM & US Operations

Regulatory Relationship Management

  • Serve as primary privacy representative to US regulators including FTC, CFPB, state attorneys general, and relevant federal banking regulators
  • Lead privacy-related regulatory examinations, inquiries, and enforcement discussions on behalf of CM & US Operations

Compliance and Risk Management

  • Oversee day‑to‑day privacy compliance activities including data subject access requests, privacy breach incident management, and regulatory inquiries specific to CM & US Operations
  • Develop privacy metrics and reporting for senior US management on compliance effectiveness and emerging risks

Team Leadership and Stakeholder Management

  • Lead a privacy team of up to 5 professionals with expertise in privacy regulations and financial services operations
  • Provide advisory support and privacy expertise to CM and US business segment leaders and cross‑functional teams
  • Drive privacy awareness and training initiatives across CM and US Operations
  • Participate in privacy committees, governance forums, and cross‑functional projects

Cross‑functional Integration

  • Partner with US business segments to integrate privacy considerations into product development, marketing, and operational processes
  • Collaborate with Legal, Compliance, Technology, and Risk Management functions on privacy‑related initiatives
  • Provide privacy expertise for US new business initiatives, system implementations, and process changes
  • Support enterprise privacy governance through US‑focused reporting, metrics, and risk identification

Committee Participation

  • Share insights, themes, and findings from exams, audits, and regulatory changes with stakeholders to drive awareness and process improvement
  • Enabling alignment across LODs and stakeholders on control priorities emerging from exams, audits, and regulatory changes
  • Drive efficiency through consistent approach to planning, responding to and managing operational risks

Required Skills

  • Bachelor's degree and professional privacy certifications with US focus (IAPP - CIPP/US required, CIPM preferred); minimum 7 years privacy and banking compliance experience and 5 years experience with US privacy regulations; demonstrated experience with US regulatory relationship management
  • Leading privacy compliance programs in US financial services or similarly regulated industry
  • Deep knowledge of CM & US privacy regulatory framework including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging US state privacy laws
  • Direct experience with US privacy regulators including FTC, CFPB, and state enforcement agencies
  • Experience managing privacy-related regulatory examinations, enforcement actions, and remediation programs
  • Understanding of US financial services products and operations across Capital Markets, Wealth Management and Consumer Banking
  • Experience implementing privacy controls and governance frameworks in regulatory environments
  • Knowledge of US privacy technologies including consent management and privacy rights automation platforms

Nice to have

  • JD or advanced degree; additional US-focused certifications in data governance or financial services
  • Expertise with privacy management platforms (OneTrust, etc.)
  • Knowledge of AI governance and emerging privacy technologies
  • Experience with US state privacy law implementation

Benefits

A comprehensive Total Rewards Program including bonuses, flexible benefits, and competitive compensation.

Leadership support through coaching and development opportunities.

Dynamic, collaborative, progressive, high‑performing team environment with challenging work.

Competitive salary $130,000 - $200,000 plus discretionary bonus and benefits such as 401(k) match, health, dental, vision, life, disability insurance, and paid time off.

#J-18808-Ljbffr