Head of Governance (Audit, Risk and Compliance) at Morgan McKinley
The EAP PO Privacy is part of the Global Compliance department and has a mandate for promoting a culture of privacy compliance and oversees the firms privacy practices and initiatives regarding customer and employee information.
The PO has oversight of privacy risk in Europe and Asia-Pacific. It provides specialized advice and counsel to Risk Owners (businesses and corporate functions), reports and escalates privacy issues of key importance within the firm, provides training and acts as a primary point of contact for local privacy regulators.
As second line of defense Oversight Function, the PO along with other risk and oversight partners provide objective guidance, independent challenge and risk-based oversight of the firms compliance with Europe and Asia-Pacific privacy laws, rules and regulations.
Job Description This role reports to the EAP PO Privacy Manager and supports various activities within Privacy.
Key Accountabilities
- Perform reviews of Privacy Impact Assessments, Legitimate Interest Assessments, Transfer Impact Assessments, Third Party Control Assessments and works with businesses to review and challenge control and mitigation measures.
- Manage data privacy breaches and incidents and assist with data subject rights requests.
- Manage annual review of Records of Processing Activities and the associated Annual Attestation process, including for purposes of Article 30 of the GDPR.
- Maintain privacy issues log and other tracking and record-keeping documentation for the EAP Region.
- Maintain privacy-related risk assessments, metrics and reporting mechanisms to assess the health of the privacy program.
- Remain current on applicable legislation and regulation across the region.
- Assist in maintaining internal privacy policies and notices.
- Support training and awareness program to promote compliance.
- Conduct and/or participate in regional monitoring and testing activities as required.
- Escalate issues as appropriate.
- Support special projects and strategic initiatives as assigned.
- Provide objective guidance, support and advice to promote strong privacy controls and processes.
- Assist with privacy-related activities associated with corporate transactions such as integration, mergers and acquisition activities, including planning, due diligence, privacy impact assessments, policy and procedure reviews and creation.
- Participate fully as a member of the EAP Privacy team and Global Privacy Compliance team through collaboration, sharing of privacy knowledge and expertise and identify ways to innovate our processes.
- Maintain personal/professional development to meet the changing demands of the role, including all relevant regulatory and legislative training.
Seniority level
Associate
Employment type
Full‑time
Job function
Other
Industries
Investment Banking
Location
London, England, United Kingdom
Compensation
£65,000.00-£80,000.00
