Financial Services Advisory Cybersecurity & Privacy Director


Job Description   The Financial Services industry is operating in a challenging environment due to global economic pressure, increasing regulatory demands and capital requirements as well as significant operational and technology changes. Our growing Financial Services Advisory practice provides management, technology and risk consulting services to help major financial institutions around the world respond to their most complex business challenges. The Financial Services Advisory practice is composed of three industry sectors: Asset Management, Banking & Capital Markets and Insurance.

Privacy Compliance and Data Protection works with the areas of Privacy and /or Security Program Development and Strategy, Information Risk Management and Compliance, Data Use and Protection, Identity and Access Management, and Financial Services operation risk. At PwC, our team members have subject matter expertise with US federal, state, and/or international privacy laws including but not limited to GLBA Reg P, Reg V, TCPA, the EU Data Privacy Directive, FCRA and others. Our team assists clients in the development of corporate privacy programs, including policies, procedures and training, supporting technology deployments, conducting large and small scale privacy risk assessments, development of Third Party Risk Management programs, and incorporating privacy by design principals into product development.


Position Requirements         10 Years of Experience:


Minimum Degree Required: Bachelor's degree in Computer Science, Management Science, or similar applicable discipline

Minimum Degree Preferred: Juris Doctorate (JD) or Master of Laws (LLM) degree


Minimum Certification Required: Certified International Privacy Professional (CIPP/US) and/or additional CIPP certification in government privacy (CIPP/G), European privacy (CIPP/E); preferred additional certification as Project Management Professional (PMP) and information security credentials such as the CISSP.


Knowledge Preferred:

Demonstrates thought-leader knowledge levels of the financial services, banking, capital markets and insurance industries by assisting in developing for clients global privacy compliance programs, conducting privacy and security assessments and managing vendors involving the following areas:

-Federal, State or International data prrivacy laws, i.e. Reg P, Reg V, TCPA, FCRA, European Data Protection Directive (95/46/EC), MA 201 CMR 17.00, Children's Online Privacy and Protection Act (COPPA) and State Breach Disclosure Laws;

-Strategy, operations and management in  functional and operational areas within the Financial Services Industries, emphasizing the intersection of privacy, security, compliance and risk;

-Project leadership and/or management off multiple large and complex engagements, including proposal response writing, pre-sale and initial scoping, SOW development, and final delivery and signoff activities


Skills Preferred:

Demonstrates proven thought leader-level abilities to generate and maintain an annual book of business valued at $2 million+ within the Financial Services Industry, including overseeing and managing concurrent multiple, complex projects and the following areas:

-Direct the identification and addressinng of client needs-building, maintaining, and utilizing networks of client relationships and community involvement; communicating value propositions; managing resource requirements, project workflow, budgets and margins, billing and collection;

-Lead teams-supervising teams to create  an atmosphere of trust and seeking diverse views to encourage improvement and innovation; answering questions and providing direction to less-experienced staff; coaching staff including providing timely meaningful written and verbal feedback; providing opportunities for contributing to practice development through the development of new collateral and thought leadership pieces, as well as participation in sales and driving revenue;

-Develop methodologies and /or conduct aaudit and monitoring plans based on US Federal or State data protection and privacy laws and regulations, emphasizing effective privacy and data security awareness and education plans based on regulatory requirements and clients‰Ûª needs consistent with their policies and culture;

-Identify data privacy compliance risks  and vulnerabilities-advising clients on relevant compliance and regulatory issues, assessing related risks and controls, and implementing related compliance supervisory and control solutions;

-Oversee and lead teams to execute privaacy compliance assessments and conduct gap analyses against Federal, State and/or international data privacy laws: developing methodologies and tools to assist clients with developing and deploying their privacy compliance and data protection programs related to such laws and regulations;

-Collaborate with others to develop methhodologies that provide clients the ability to plan and implement initiatives related to usage, informatics reporting and other emerging issues; and,

-Develop protocols and controls to test  clients' privacy policies and procedures, comparing clients operations to privacy-related regulatory requirements that result in developing practical recommendations and improvements to reinforce adherence to, or proffering revisions that balance both regulatory compliance and business operational needs involving, policies and controls.


Location  New York , NY

Travel      81-100%

Salary up to $215k  + bonus


Scott L Page