Job Description

The Team You Will Join Building confident futures is at the center of all our work at MetLife. Compliance Risk Management (CRM) delivers a compliance risk framework that enables the businesses and functions to comply with applicable internal and external rules and regulations and maintain risk levels within MetLife's risk appetite. CRM provides constructive challenge to the businesses and functions, partnering closely with them to implement strong processes and effective controls, as well as to foster and embed a culture of compliance. Within CRM, the Privacy Compliance Group (PCG) is responsible for the design, maintenance, and oversight of MetLife's Global Privacy Program. The Global Privacy Program sets forth a framework that drives global consistency and outlines roles, responsibilities, and accountability for the oversight and compliance management of MetLife's applicable privacy and data protection risks and obligations. The Privacy Compliance Group is led by MetLife's Global Chief Privacy Officer and supported by a Central Privacy Office and Regional Privacy Teams. The Opportunity Working in CRM at MetLife offers a dynamic and rewarding experience. The Senior Privacy Compliance Consultant is an individual contributor role responsible for supporting MetLife's U.S. Privacy Compliance Program ("U.S. Privacy Program"), reporting to the Head of U.S. Privacy Compliance. The primary responsibilities include supporting the day-day operations and ongoing maturity of the U.S. Privacy Program, identifying, assessing and mitigating privacy risks, and providing privacy compliance advice to U.S. businesses and corporate functions. In addition, in this role you will oversee and guide the advancement of privacy by design and lead privacy assessments involving artificial intelligence ("AI") technologies, third parties, and strategic business initiatives. This role supports privacy compliance coverage for MetLife's U.S. businesses and corporate functions. You will collaborate closely with Global Risk Management, Information Security, the Law Department, Marketing, Human Resources, Global Technology and Operations, Data Governance, Information Lifecycle Management and U.S. business partners in an environment where every contribution is respected, and every perspective is heard. How You'll Help Us Build a Confident Future (Key Responsibilities) Coordinate the execution and strategic advancement of the U.S. Privacy Program's target operating model. Oversee and monitor third party privacy risk and participate in strategic privacy assessments. Conduct Privacy Risk Assessments ("PRAs"), including for AI technologies and strategic business initiatives. Investigate and manage personal data incidents, coordinating with the Law Department and other stakeholders to perform investigations, root cause analysis, identify notification obligations, and provide advice on remediation activities. Stay abreast of changes in the regulatory environment, analyze the impact of privacy regulatory changes, and support implementations. Develop the annual privacy monitoring and testing plan and participate in monitoring and testing activities. Evaluate and maintain U.S privacy policies, procedures, and process documents. Educate employees on privacy and data protection requirements and develop privacy communications. Lead or participate in cross-functional working groups and committees to support privacy and data protection initiatives and to communicate key privacy updates. Support certain aspects of the HIPAA Compliance Program. What You Need to Succeed (Required Qualifications) Minimum 5+ years of experience working in privacy or data protection roles in the insurance and/or financial services industries. Bachelor's degree from a four-year college or university. Deep understanding of U.S. federal and state privacy and data protection laws and regulations, including GLBA, HIPAA, CCPA, and data breach notification laws. Direct experience handling data breaches with an ability to mobilize groups, lead, and prioritize quickly for a potentially significant event. Proven ability to analyze laws and regulations, assess privacy and data protection risks, and make recommendations to mitigate potential privacy risks. Experience advising Information Technology teams, Application Developers/Architects and Data Analytics and Model Risk teams with identifying privacy risks and implementing controls. Ability to think proactively, make strategic recommendations, and to anticipate regulatory needs and risk mitigation opportunities. Possess dedication and self-motivation with a continuous improvement and enhancement mindset. Excellent written and verbal communication skills, with the ability to prepare and conduct succinct senior management presentations, and to explain complex privacy requirements and solutions. Strong attention to detail, highly organized, and capable of managing multiple projects simultaneously with shifting priorities. Ability to build rapport with stakeholders and to collaborate in a team environment. High level of proficiency with Microsoft Word, PowerPoint and Excel. High degree of professionalism, integrity, sound judgment, and discretion. What Can Give You an Edge (Additional Skills) Experience developing and implementing privacy programs at large multinational insurance companies or financial institutions. Compliance and Risk Management experience. JD degree from an accredited law school along with strong academic record. Privacy or Data Protection Certifications (e.g., CIPP/U.S. or equivalent certification). Information Technology related academic qualifications or industry recognized certifications. Equal Employment Opportunity/Disability/Veterans If you need an accommodation due to a disability, please email us at [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application process. MetLife maintains a drug-free workplace.

Job Tags

Similar Jobs