Data Privacy & Security Manager

Job description

Overview The Data Privacy & Security Manager supports the CISO and Security leadership in strengthening the Bank’s information security and privacy program. This role helps develop and maintain security and privacy policies, monitors regulatory requirements (e.g., FFIEC/FDIC/GLBA/FACTA), leads risk and vendor assessments, and supports incident response and customer/regulator notifications when needed. This role must have strong regulatory knowledge, hands-on risk assessment experience, and the ability to communicate clearly with business partners, auditors, and regulators. Responsibilities: - Drive and maintain privacy and information security policies, standards, and annual manual reviews. - Lead vendor security due diligence, risk scoring, and ongoing monitoring (including AI/vendor risk considerations). - Perform and coordinate key regulatory/security assessments (e.g., SWIFT CSP, Fedline, GLBA/FDICIA/FACTA reviews). - Oversee risk assessments for restricted information and ensure timely resolution of security violations. - Collaborate closely with the CISO & Head of Security, Compliance, IT, and Marketing on incident response, breach notification, and regulatory communications,...