Risk Consultant - Data Privacy

Risk Consultant - Data Privacy FocusedLarge Banking ClientDuration: 6+ months -can extend up to 18Location: Charlotte, NC or Atlanta, GAHybrid: 4 days onsite per weekTop Requirement:5+ years of experience in the areas of Risk, Data Privacy, Audit, and Risk Controls, etc.Large Banking/Financial Services Industry ExperienceExperience sitting in on risk assessment calls with 3rd party vendor, risk advisors, infosec and others to assess type of service being provided,Experience with Data AnalysisSharepoint -TCPA and CCPA - Privacy regulation knowledge/experienceExperience Assessing ControlsNotes: This position sits in the Enterprise Data World, roles up Data PrivacyRisk Advisor Role, looking for someone with experience with analyzing data, looking at controls, very detailed orientedDay to Day: Sitting in inherence risk assessment calls with 3rd party vendor, risk advisors, infosec and others to assess type of service being provided, accessing our clients network, what data is being collected, and how it flows. If any person info being shared by our org. That would trigger a DDQ (overarching risk questionnaire for 3rd party service providers), the individual will review responses of questionnaire, review artifacts reported by vendor, assess controls.Does involve monitoring mailbox, response to questions. Main bulk of work to sit in inherent assessment calls, reviewsJob Description:Perform risk assessments to ensure that third party vendors have adequate controls in place to protect our clients consumers personal data or mitigate risk as required.- Partner with Third Party Risk Management, Supply Chain Adherence Advisors, and Business Units to execute third party privacy risk review processes and mitigating controls to ensure we effectively manage privacy risks related to third party services.- Attend Inherent Risk Assessment calls to represent Privacy. Ask questions of service manager to ensure privacy risks (sharing of personal data) are properly identified and risk assessed.-Perform Privacy Impact Assessments by reviewing KY3P DDA questionnaires and artifacts provided by suppliers to validate controls are in place and determine if privacy risks are properly addressed or mitigated.- Partner with Governance Partners to successfully escalate items that are not in compliance with policies and procedures to determine best approach for risk mitigation.-Monitoring ECRS Privacy Third Party Review team mailbox and providing responses as needed to submissions.- Updating ECRS tracker as needed for compRequired Experience:Experience as a business analyst or related role/Experience, with Experience in one or more of the following areas: Project Management, business Process Management, Relationship Management, business Operations, Quality- Experience working with third party vendors or managing third party relationships- Experience in conducting analysis and due diligence to determine level of risk.- Ability to recommend mitigating controls to change programs or third-party relationships.- Aid in the creation of metrics to monitor the success and sustainability of the recommendations made.- Aid in creating and monitoring reports to communicate to executives and partners risk levels.- Collaborate with multiple levels and Line of business subject matter experts to ensure recommendation are best practices and compliant with regulatory and policy requirements.- Aid in the creation of metrics to monitor the success and sustainability of the recommendations made.- Applies knowledge of best practices derived from Experience and external networking to solve a range of complex technical and operational problems.-Application Experience: Microsoft (Outlook, Excel, etc. ), Teams, SharePoint- Strong communication skills (both speaking and writing)- Attention to detail- Thoroughness- Timeliness- Self-motivated/InitiativeNice to Have skills:Knowledge and understanding of privacy regulations and/or privacy legislation (e.g., GLBA, CCPA, CPRA, TCPA, etc.)-Archer application experience-Managing Mailbox and handling communication responses across the organization.- Sharepoint Site

Created: 2025-02-22