Data Privacy Associate

The EAP PO Privacy is part of the Global Compliance department and has a mandate forpromoting a culture of privacy compliance and oversees the firms privacy practices and initiativesregarding customer and employee information.The PO has oversight of privacy risk in Europe and Asia-Pacific. It provides specialized adviceand counsel to Risk Owners (businesses and corporate functions), reports and escalates privacyissues of key importance within the firm, provides training and acts as a primary point of contact forlocal privacy regulators.As second line of defense Oversight Function, the PO along with other risk and oversightpartners provide objective guidance, independent challenge and risk-based oversight of the firmscompliance with Europe and Asia-Pacific privacy laws, rules and regulations.Job Description This role reports to the EAP PO Privacy Manager and supports various activities within Privacy.Key accountabilities include:• Perform reviews of Privacy Impact Assessments, Legitimate Interest Assessments,Transfer Impact Assessments, Third Party Control Assessments and works withbusinesses to review and challenge control and mitigation measures.• Manage data privacy breaches and incidents and assist with data subject rightsrequests.• Manage annual review of Records of Processing Activities and the associated AnnualAttestation process, including for purposes of Article 30 of the GDPR.• Maintain privacy issues log and other tracking and record-keeping documentation forthe EAP Region.• Maintain privacy-related risk assessments, metrics and reporting mechanisms toassess the health of the privacy program.• Remain current on applicable legislation and regulation across the region.• Support regulatory change activities.• Assist in maintaining internal privacy policies and notices.• Support training and awareness program to promote compliance.• Conduct and/or participate in regional monitoring and testing activities as required.• Escalate issues as appropriate.• Support special projects and strategic initiatives as assigned.• Provide objective guidance, support and advice to promote strong privacy controlsand processes.• Assist with privacy-related activities associated with corporate transactions such asintegration, mergers and acquisition activities, including, planning, due diligence,privacy impact assessments, policy and procedure reviews and creation.• Participate fully as a member of the EAP Privacy team and Global Privacy Complianceteam through collaboration, sharing of privacy knowledge and expertise and identifyways to innovate our processes.• Maintain personal/professional development to meet the changing demands of therole, including all relevant regulatory and legislative training.