Compliance, Global Privacy Office, Associate/VP - London

Job Description

GLOBAL COMPLIANCE Our division prevents, detects and mitigates compliance, regulatory and reputational risk across the firm and helps to strengthen the firms culture of compliance. Compliance accomplishes these through the firms enterprise-wide compliance risk management program.As an independent control function and part of the firms second line of defense, Compliance assesses the firms compliance, regulatory and reputational risk; monitors for compliance with new or amended laws, rules and regulations; designs and implements controls,policies, procedures and training; conducts independent testing; investigates, surveils and monitors for compliance risks and breaches; and leads the firms responses to regulatory examinations, audits and inquiries. Youll be part of a team with members froma wide range of academic and professional backgrounds, such as law, accounting, sales, and trading. We look for those who possess sound judgment, curiosity, and are able to adapt to a changing regulatory landscape. At Goldman Sachs, our culture is one of teamwork, innovation and meritocracy. We often say our people are our greatest asset and we take pride in supporting each colleague both professionally and personally. From collaborative work spaces and ergonomic servicesto wellbeing and resilience offerings, we offer our Compliance professionals the flexibility and support they need to reach their goals in and outside of the office. Global Privacy Office has team members in New York, Chicago, Dallas, Warsaw and London. Global Privacy Office works with other privacy and data protection stakeholders at Goldman Sachs, including the Legal, Engineering and Technology Risk teams, Risk, Operationsand the business teams that develop and manage financial products and services. HOW YOU WILL FULFILL YOUR POTENTIAL As a member of Global Privacy Office in London, your responsibilities will include:

• Providing privacy advisory guidance to business, engineers, operations, compliance and other stakeholders to enable the delivery and development of privacy compliant business initiatives
• Reviewing and assessing products, features and business activities against privacy requirements and standards

• Incorporating privacy-by-design and privacy-by-default into business, products, new features and technolog y

• Developing privacy design requirements and conducting oversight of the implementation of such requirements
• Reviewing and assessing third party vendors, partnerships and the proposed data integrations from a privacy perspective.
• Providing guidance associated with the implementation of new privacy and data protection laws or regulations

• Supporting the development and implementation of privacy governance frameworks with key stakeholders in Operations, Compliance, Engineering, Legal and Risk
• Implementing and overseeing the effectiveness of privacy controls, privacy enhancing technologies, and privacy risk mitigates
• Drafting, editing and reviewing responses to data subject requests and data protection-related queries
• Drafting and reviewing privacy-related disclosures, including fair processing notices and cookie disclosures, for financial products
• Supporting the creation of, and reviewing data processing records and compliance assessments, including data protection impact assessments
• Drafting, reviewing, and revising existing data privacy policies, procedures and best practice documents
• Developing and delivering privacy and data protection training.

SKILLS EXPERIENCE WERE LOOKING FOR

• Experience with international privacy regulatory frameworks, particularly GDPR, E-Privacy and other applicable laws and regulations and jurisdictional variations;
• Financial services experience is a plus
• Experience with developing and/or implementing governance frameworks for wide-scale use of cookies and similar tracking technologies
• Experience in a Data Protection Office, Privacy Risk, Privacy Compliance or Privacy Legal / Paralegal function
• Experience advising on direct marketing, ECRM and online behavioral and targeted advertising, including governance of these practices
• Experience of drafting responses to complaints from data subjects and handling nuanced data subject right requests.
• Experience performing formal and informal risk assessments for new and existing digital products and services from a privacy regulatory perspective
• Strong relationship management skills with ability to deepen relationships and build partnerships across the business, including in Operations, Compliance, Engineering, Legal and Risk
• Comfortable taking the initiative and working across multiple business lines and jurisdictions
• An understanding of digital and retail focused businesses, including new and developing businesses is also advantageous
• Certified Information Privacy Professional accreditation or similar accreditation preferred
• Experience with Microsoft PowerPoint and Excel
• Excellent, written and verbal communication skills; highly organized and sound organizational skills.