SMD, TIAA Chief Privacy & Records Officer

Job description

Key Responsibilities and Duties: - Establishes and champions the enterprise privacy strategy, aligning it with organizational objectives, regulatory requirements, and evolving industry standards. This includes setting the long-term vision for privacy governance and translating that vision into actionable programs, policies, and operational frameworks that are scalable, sustainable, and risk-proportionate - Maintains deep and current expertise in applicable domestic and international privacy laws and frameworks, including but not limited to GDPR, CCPA/CPRA, GLBA, HIPAA, and emerging state-level privacy regulations. - Proactively monitors the regulatory landscape, assesses organizational impact, and leads the enterprise response to new or changing requirements in a timely and effective manner. Regulatory Change Management activities are performed in close partnership with Law & Policy (L&P). - Builds and sustains a mature, risk-based privacy program encompassing Privacy Risk Assessment and Management, Compliance Monitoring and Testing, Data Inventory and Mapping, consent management, and Controls Framework development. - Owns the enterprise framework for privacy-related vendor oversig...