Global Chief Privacy Officer

Global Chief Privacy Officer & SSBI Data Protection Officer, Managing Director

**Who we are looking for**
With immediate effect we are looking for a Global Chief Privacy Officer & SSBI Data Protection Officer, Managing Director. This role will report to Global Chief Compliance Officer and SSBI Chief Administrative Officer. This role can be performed in a hybrid model, where you can balance work from home and office. We are open to hire in Munich, Frankfurt, Germany or Krakow, Poland.

**Why this role is important to us**
The team you will be joining plays an important role in the overall success of the organization. Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. To make that happen we need teams like yours to help navigate employees and the organization as a whole. In your role you will strive for cutting-edge solutions, that are straightforward and scalable. You will help us build resilience and execute day to day deliverables at our best.

Join us if making your mark in the financial services industry from day one is a challenge you are up for.

**What you will be responsible for**
As the State Street Global Chief Privacy Officer & SSBI Data Protection Officer you will
- Fulfill the role of the data protection officer of State Street Bank International GmbH (SSBI), a German credit institution with branches across Europe, in line with the requirements of Global Data Protection Regulation and local data protection laws in the countries where SSBI is operating;
- Continue to improve and build upon a strong global privacy compliance program that keeps pace with applicable global regulations as well as local regulations applicable to SSBI, including oversight for testing and reporting of applicable law, regulatory guidance, and internal policy requirements;
- Ensure effective execution of privacy and data protection requirements, maintenance and adherence to related policies and procedures, commensurate with the level of privacy risk;
- Work collaboratively with the Chief Data Office, Chief Information Security Officer and other internal stakeholders across governance forums, strategic projects and engagements to drive the execution of the global privacy compliance program;
- Assist the business and corporate functions with the design and execution of internal controls to address privacy and data protection business requirements and mitigate privacy risks;
- Execute an effective global regulatory change management program by keeping pace with changes in regulation and working with business partners to identify and assess the impact of privacy regulatory changes to the firm, business, technology operations, processes or operating procedures;
- Direct incident response for privacy breaches in coordination with internal partners who oversee mitigation strategies and regulatory communications;
- Assist with preparing for or leading privacy related regulatory examinations, internal audits and internal testing requirements;
- Work with business and corporate partners to ensure that privacy incidents are reported timely and accurately and assist in determining necessary client notifications, as appropriate;
- Create a register of processing operations within the organization and notify the appropriate data protection authority about those that present specific risks via prior consultation;
- Ensure data protection compliance within her organization and help the latter to be accountable in this respect;
- Handle queries or complaints on request by the organization, the controller, other person(s), or on her own initiative;
- Cooperate with and act as the contact point for the data protection authorities (responding to requests about investigations, complaint handling, and inspections, etc.);
- Draw the organization's attention to any failure to comply with the applicable data protection rule;
- Lead a team of privacy professionals in conducting privacy impact assessments in collaboration with business, product, engineering and legal teams to design and implement process improvements to ensure risk mitigation activities are effective;
- Proactively manage privacy risk through managing governance forums, performing risk assessments, directing monitoring and testing efforts, and implementing related training programs;
- Ensure privacy practices align with regulatory and compliance standards by identifying potential areas of vulnerability and developing and executing risk mitigation action plans;
- Champion privacy awareness across the firm by leading Privacy Awareness campaigns, training and educational programs to help ensure privacy considerations and embedded in business processes.

**What we value**
These skills will help you succeed in this role
- Ability to manage multiple simultaneous tasks in a high pressure, deadline-driven environment;
- Strong abilities in analytical thinking, problem solving, research, time manage