Description
Control Manager, 12-month contract, per day, Esch-sur-Alzette, Luxembourg.
What will you do?
Working on behalf of the business to co-ordinate and manage privacy incidents and breaches:
- Manage Privacy Incident Reports (PIRs) as they arise. This includes working with the business unit's employees to ensure that the PIRs are clear, accurate and complete
- Ensure action has been taken to correct issues documented in PIRs and monitor timely completion
- Maintain the records of incident & breaches in the I&TS central PIR log or equivalent
- Ensure that the business Process RCSA (level 3) and Personal Data Process Inventories are updated
- Provide the LPO with periodical report on remedial action plan and privacy reporting completions
- Attend, as delegate of the BU, the PIRC meetings to explain volume of minor breaches being exceeding the risk appetite fixed at the legal entity level and explain moderate and above breaches in their units.
- Cascade periodic enterprise-level Privacy related communications to unit employees to reinforce awareness.
Perform and support some of the activities of the wider regional Operational Control Team:
-Review Operational Risk Events to understand root causes, process deficiencies and control failures
- Escalate Operational Risk Events/Identified Control Gaps and Issues on a timely basis to Operational Control Management and Management of Business
- Follow up on identified issues and actions on a regular basis as required by the Operational Control Practices and escalate any non-compliance/delays identified.
- Using a risk/control-based approach, support the Business-level, Country-level and Enterprise-level Operational Risk and Control Self-Assessments Program to ensure standardization and consistency of practices in the end-to-end process
Execute control-related Enterprise initiatives as assigned.
What do you need to succeed?
- Experience in financial services and experience in a control function
- Awareness of privacy risk and breach management process
- Demonstrated ability to lead discussions on privacy and control related topics
- Strong analytical and problem-solving skills
- Strong attention to detail
- Good understanding of GDPR requirements
- Good business process knowledge within asset servicing
- Good understanding of risk management
- Strong written and verbal communication skills
- Self-motivated with strong sense of initiative