We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It%27s about showing how you embody our valued behaviours – do the right thing, better together and never settle – as well as our brand promise, Here for good.
We%27re committed to promoting equality in the workplace and creating an inclusive and flexible culture – one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
Make an impact every day with Trust, Data and Resilience (TDR)
Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience. These are challenges that impact our clients globally. Our TDR team develops the platforms, drives the processes and builds partnerships to benefit millions of people every day. They thrive in providing solutions to complex issues, devote time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. TDR chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.
Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators and achievers. With us, you’ll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.
The Role Responsibilities
The Data Management and Privacy Operations team is part of a newly formed ‘1st line’ centre of excellence under Group COO – Trust, Data %26amp; Automation. The role will support the respective businesses and functions assigned %26amp; work closely with the 2nd line compliance and the Information Cyber Security (ICS) %26amp; Risk assurance teams to design, implement %26amp; operationalise capabilities for Data Management %26amp; Privacy Operations. The role will ensure that these capabilities are operating effectively in BAU to achieve and manage the respective business objectives in this area. The role will also provide timely feedback / data to all stakeholders to meet any key regulatory obligations and key business priorities.
The successful candidate will have an opportunity to work in a multi-disciplinary team aimed to design, build and/or operate data, records and privacy controls to mitigate risks. Responsibilities include but are not limited to, data and privacy risk assessments, business process design and assessments, data protection impact assessments, data incident management, awareness and training, verification that proper risk assessments have been completed and up to date for vendors handling personal data, and verify applicable vendor agreements include required privacy and data protection terms according to global policy, client requirements and applicable privacy law.
This is a hands-on, individual contributor role, working very closely with the assigned Business %26amp; Functions group and with a team of other data management %26amp; privacy experts who provide subject matter expertise and advice, tailored to the businesses, regions and functions of the Bank.
Provide Operational Support
- Implement and manage operational processes which delivers outcome focused %26amp; timely service delivery.
- Analyse existing business %26amp; functional processes to identify automation opportunities in area of data management, data privacy and records management.
- Recommend process improvements to address control gaps and to enhance efficiency where possible.
- Support %26amp; coordinate with stakeholders in defining automation or remediation actions / solutions.
- Develop, track %26amp; analyse actionable metrics to continuously improve tools, procedures %26amp; provide visibility of operations to management.
- Facilitate workshops for assigned Business / Functions with 2nd line of defence and Technology to source inputs and document outcomes on:
- current state (e.g. systems, processes, controls, projects, documentation including contractual arrangements)
- risks and controls,
- gather / validate requirements for applications supporting data and privacy management,
- proposed processes, controls, frameworks / templates, solutions
- Conduct assessments / surveys (e.g. on privacy impact / risk %26amp; controls) / data gathering and analysis on applications, products, processes, documentation and third parties to evaluate compliance with laws, regulations, and internal standards
- Draft / update policies, guidelines, procedures and documentation as required based on external or internal changes
- Drive change and adoption including, but not limited to, creating communications (e.g. launch campaigns), training materials as well as delivery of training
- Facilitate the choice and implementation of technology solutions, including, but not limited to requirements gathering, driving build vs buy decisions, system implementation, testing
- Monitors any new, or changes to existing, technology applications, products, or operational processes and ensures that data and privacy risks are appropriately managed
Governance %26amp; Risk Management
- Support liaison with Risk Assurance team on any Group Internal Audit and any regulatory inspections as required.
- Assist in identifying, assessing, monitoring, controlling and mitigating data management, privacy and record management risks to the Group.
- Adopt a proactive approach to threat risk assessment through appropriate stakeholder engagement and monitoring of the external environment to improve assurance planning.
- Define metrics and dashboards for monitoring and reporting purposes
- Provide write ups and data visualisations to forums to enable decision making
- Participate in related workshops/forums to provide input on privacy processes and requirements for new products/initiatives
- Ensure compliance with privacy processes to deliver swift resolution of privacy related issues and incidents
- Report on relevant privacy process related matters, including metrics, KRIs, issues, incidents and risks
- Provide timely and accurate reporting to internal risk assurance team %26amp; appropriate forums /committees
- Design/ re-design processes and controls to ensure compliance with laws, regulations, and internal standards in the most efficient, streamlined and customer centric way for the Group
Training, Awareness %26amp; Change Adoption
- Increase awareness of data %26amp; privacy risk and processes within the assigned Business / Functions by supporting training programs, maintaining and uplifting supporting procedures and materials
- Ensure training needs of Business/Functions are shared with the Training Lead in the Programme and help to support/design appropriate training delivery accordingly.
Regulatory and Business Conduct
- Display exemplary conduct and live by the Group%27s Values, Valued Behaviours, and Code of Conduct
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
- Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
- Group COO – Trust, Data, and Automation
- Head – Data Management %26amp; Privacy
- COO – various Business and Functions
- Chief Data Protection Officer
- Head of Operations – Automation
- Head – ICS, Business %26amp; Functions
- Global Head of Assurance – Cyber, Data %26amp; Automation
- 2nd line Risk %26amp; Compliance
- Chief Information Security Officer
Our Ideal Candidate
- Extensive experience in a relevant role (e.g. Compliance, Legal, Audit) or experience in a data %26amp; privacy domain of a large organisation
- Experience in one of the following Business / Functions will be an added advantage (e.g. Retail Banking; Corporate %26amp; Institutional Banking; Wealth Management; Private Banking; Legal; HR; Operations; Risk)
- Effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers
- Ability to perform the role of ‘Change Leader’
- Confident and courageous to raise/escalate issues in a pro-active, professional, and timely manner
- University degree with professional certification (such as CIPP, CIA, CISA, CISSP, or CISM) preferred
- Highly motivated individual with a strong track record of achievement
- A good team player
- Ability to multi-task and work under tight deadlines
- Excellent stakeholder management skills
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.