Requirements
- Advanced degree in Information Management, Data Science, Law, Risk Management, or related field (or equivalent experience).
- 7-10 years’ experience in data governance, data protection, or information risk, preferably within the fintech or financial services sectors.
- Working knowledge of data governance/protection regulations (e.g., GDPR, CCPA, UK Data Protection Act, BCBS 239) and industry frameworks.
- Experience with data classification, lifecycle management, and secure data sharing best practices.
- Excellent analytical, problem‑solving, and communication skills.
- Recognized professional certifications (e.g., CISSP, CISM, CIPP/E, CDMP, CIPT, ISO 27001, or similar) are highly valued.
Key Responsibilities
Data Classification & Protection
Oversee and challenge the identification, classification, and management of sensitive and critical data across the business, ensuring appropriate controls are in place and consistently applied.
Data Retention & Compliance
Assess and monitor data retention and deletion practices to ensure compliance with global regulations such as GDPR, CCPA, and the UK Data Protection Act.
Secure Data Sharing
Review and evaluate practices for secure data exchange internally and with third parties, ensuring data transfer controls meet industry best practices and adhere to legal and regulatory standards.
Reporting & Analytics Governance
Oversee governance of reporting and analytics processes to preserve data integrity, privacy, and accuracy, partnering with business and technology teams.
Policy Review & Development
Develop, review, and enhance data governance, classification, and privacy policies, advising on industry best practices and emerging regulatory requirements.
Conduct risk assessments and deep dives on data‑related processes, providing independent challenge and recommendations to 1st line functions.
Contribute to staff training and awareness initiatives on data privacy, classification, and safe handling.
#J-18808-Ljbffr…