MetLife Jobs

Director, Group Privacy Lead

Country

United States

Working Schedule

Full-Time

Work Arrangement

Hybrid

Travel Required

10%

Relocation Assistance Available

Yes

Posted Date

30-Apr-2024

Job ID

2527

Description and Requirements

Position : Director, Group Privacy Lead, Compliance Risk Management, Privacy

Job Location: New York

Department: Compliance Risk Management (CRM) delivers a compliance risk framework that enables the businesses and functions to comply with applicable internal and external rules and regulations and maintain risk

levels within MetLife’s risk appetite. CRM provides constructive challenge to the businesses and functions, partnering closely with them to implement strong processes and effective controls, as well as to foster and

embed a culture of compliance. CRM is part of Global Risk Management.

Within CRM, the Privacy Compliance Group (PCG) is a central oversight team responsible for the design, maintenance, and oversight of the global privacy compliance program for MetLife. Key deliverables include data incident management, ensuring Corporate Function specific privacy requirements are fulfilled such as employee privacy compliance with HR, Privacy by Design with technology, AI specific requirements with Analytics and data lineage requirements with Data Governance.

The Role : This position reports to the Chief Privacy Officer. This role will have overall responsibility for maintaining and updating MetLife privacy program. Supporting the Chief Privacy Officer, this role will be responsible for managing the day-to-day operations of the PCG, interpreting, implementing, and updating global compliance policies, with a specific focus on application to Group Corporate Functions. In addition, this position will be responsible for devising and implementing strategies to further the ongoing maturity of MetLife’s global privacy compliance program; conducting and communicating risk assessments impacting the enterprise; and leading global privacy training initiatives, including regular regional touchpoints with Regional Heads of Privacy. Overseeing global privacy initiatives, such as those relating to privacy technology solutions and privacy policy changes.

Key Responsibilities:

• Execute, review and update existing global privacy policies, procedures, and processes in line with regulatory requirements and expectations.

• Lead global privacy training design and drafting of annual mandatory privacy training, including working with regional privacy teams to coordinate regulatory updates to content.

• Active day-to-day involvement in execution and implementation of the PCG operating model and assisting Group Corporate Function stakeholders.

• Collaborate with regional privacy teams on Global Privacy Risk Assessment (PRA) process, review and challenge activities; provide SME review and challenge for enterprise-wide PRAs.

• Support enterprise Third Party Risk Management Privacy review and challenge framework

• Develop Third Party Risk Management Privacy Risk framework aligning Privacy Compliance Risk though TPRM Policy and processes in ServiceNow

• Manage PRG resources located in Global Operations Service Center (India) with day-to-day oversight of resource activities

• Act as SME escalation point for enterprise-wide reviews of third parties

• Develop and execute annual training plans for Group Corporate Function

• Oversight of metrics and reporting to measure regional privacy risk, including key performance indicators.

• Collaborate with Global Resilience, Global Security and Legal Affairs on crisis management policies, practices, incident response and investigations, including providing support on global cyber tabletop exercises.

• Advise on and provide credible challenge in collaboration with responsible compliance contacts to the Group Corporate Function as to compliance with relevant privacy laws, regulations, and policies.

• Stay abreast of changes in the regulatory environment and help analyze the business impact of privacy-related regulatory changes impacting to Group Corporate Functions.

• Participate, as required, in Non-Financial Risk Assessment challenge.

• Develop and lead initiatives to advance the effectiveness and sophistication of the Privacy Compliance program elements in alignment with the Global Privacy and Data Protection Policy and Standard.

• Advise on compliance policy interpretation and work with Group Corporate Function partners, and responsible compliance contacts to resolve significant breaches and violations of such policies, and external reporting when required.

• Work collaboratively with other control functions, including Internal Audit, to ensure the efficient, effective, and risk-based vetting and oversight of personal information entrusted to MetLife.

• Advice on transfer or release of information in collaboration with Legal Affairs.

• As and when required to act as a deputy to the Chief Privacy Officer.

Key Relationships:

Reports to: Vice President,Chief Privacy Officer

Matrix Reporting Line: N/A

Direct reports/team : N/A

Key Stakeholders HR, GTO, Marketing, Regional and Country Compliance Officers

Candidate Qualifications, Essential Business Experience, Competencies, and Technical Skills:

4+ years of risk management or compliance experience in a relevant business (financial services/insurance), including relevant privacy experience / expertise and a demonstrated risk, governance, and ownership mindset.

In-depth knowledge and proven expertise with analyzing and applying privacy laws, regulations and corporate policy and procedures for compliance with data privacy laws and regulations.

Proven ability to assess privacy risks and develop and execute controls / processes, as well as ability to eliminate unnecessary and inefficient processes and activities.

Experience handling data breaches and having an ability to mobilize, lead and prioritize quickly in the face of a potentially significant data breach.

Building and maintaining strong relationships with other functional leads, including Legal Affairs, Risk Management, Operations, and Internal Audit to create a supportive and seamless compliance and ethical control culture and an appropriate risk environment.

Championing a high-performance environment and implementing a people strategy that attracts, retains, develops, embraces diversity, and motivates teams by fostering an inclusive work environment, communicating vision/values/business strategy, and managing succession and development planning for the team.

Ability to lead CRM in strengthening the privacy risk management program by being forward looking, embracing and leading change, collaborating on compliance best practices, and methodically working to fortify privacy compliance coverage of Corporate Functions.

Excellent interpersonal skills required to develop partnerships and relationships throughout the organization; experience interfacing with senior leaders and the business to provide guidance with respect to privacy matters while accomplishing business objectives.

Excellent written and verbal communication skills, including the ability to prepare and deliver presentations and communicate with senior and executive management.

Possess dedication and self motivation, with an ability to work both independently and in a team environment.

High degree of professionalism, sound judgment, and discretion.

Ability to think proactively and make recommendations and complex decisions, and to anticipate regulatory needs and expectations and plan for them.

Exceptional ability to manage confidential information in a professional manner.

Preferred Qualifications

Experience with maintaining Privacy compliance programs for a multi-national organization strongly preferred

JD degree from an accredited law school along with strong academic record

Privacy related qualifications such as IAPP certification

The salary range for applicants for this position is $123,800 - $165,000.

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!

About MetLife

Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For ®, MetLife , through its subsidiaries and affiliates, is one of the world’s leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we’re inspired to transform the next century in financial services. At MetLife, it’s#AllTogetherPossible (https://www.metlifecareers.com/ml/GreatPlaceToWork) . Join us!

Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.

$123,800 - $165,000