Director, Privacy Compliance Officer

The role:

The Compliance Privacy Officer role is accountable for establishing and maintaining the Compliance Privacy Program for the company.  This program sets the framework and roles/responsibilities across the enterprise for how consumer privacy laws and regulations are managed at the company, including U.S. and international laws, as applicable.  This role is accountable for ensuring the appropriate policies and standards are in place and providing oversight and effective challenge to the business units regarding Privacy compliance.  This role works closely with the Enterprise Data Management team, the Legal Privacy attorney, and information technology teams to support an effective Privacy Compliance program, meeting our members’ and regulatory expectations.

What you’ll do: 

• Establish and manage an effective consumer Privacy Compliance Program and framework, codified in policies, standards, and procedures

• Provide subject matter expertise, support, and leadership to Compliance partners, Business Units, and Internal Audit with regard to privacy compliance risk and issues; 

• Support company innovation and growth through collaboration and strategic problem solving; analyze business initiatives, including new products and processes, to determine whether they comply with applicable privacy laws and regulations

• Conduct risk assessments under the Privacy Compliance Program to measure the residual level of privacy risk and drive enhancements or corrective actions, as indicated

• Provide oversight and effective challenge to SoFi business units in the execution of the Privacy Compliance Program, ensuring effective controls, monitoring, and testing 

• Partner with Legal to track new/proposed consumer privacy laws and regulations, and drive enterprise adoption of changes, as appropriate; stay abreast of emerging trends, best practices, and risks related to consumer privacy

• Collaborate with internal departments that play a role in managing data privacy, including analyzing, communicating, and responding to data privacy events, as necessary 

• Engage with regulators through ongoing supervision and examinations; gather artifacts for submission; review and/or draft responses; and address regulatory feedback, as needed 

• Provide insightful and informative reporting to senior management and the Board of Directors regarding data privacy at SoFi

• Manage a team of compliance professionals in support of the Privacy Compliance Program

What you’ll need:

• Bachelor’s degree or equivalent military experience

• Superior knowledge of consumer privacy compliance laws and regulations 

• Eight (8) plus years of compliance or risk management experience at large financial institutions, with at least five (5) focused on privacy compliance

• Five (5) plus years in a people leader role 

• Excellent verbal and written communication skills

• Substantial broad-based knowledge and experience in applying laws and regulations, designing, managing, and overseeing compliance programs and processes and handling regulatory matters

Nice to have:

• Juris Doctor or Master’s degree

• Ten (10) plus years of privacy, compliance risk management, risk management, legal, or audit experience at a financial institution

• Five (5) plus years of experience in strategic initiative management

• Experience with emerging technologies, such as Artificial Intelligence, Block Chain, and cryptocurrencies

• Certified Information Privacy Professional (CIPP), Artificial Intelligence Governance Professional (AIGP), Certified Risk Professional (CRP), or Certified Regulatory Compliance Manager (CRCM)