Privacy Compliance Advisor, Manager (Enterprise Services)
Capital One’s technology transformation has presented an exciting opportunity to usher in leading edge, innovative approaches to compliance risk management in close partnership with our business clients. Capital One is increasingly using technology to further its most dynamic, innovative products, which calls for new, creative ways for us to think about compliance and risk in a way that helps the business succeed, safely and quickly. Privacy Compliance is at the center of these activities, and performs a key risk management role to ensure the business and corporate initiatives comply with applicable federal, state, and international privacy laws and regulations.
The Privacy Compliance Team is seeking an Advisory Manager who will serve as a dedicated advisor for international privacy risks. This role, which will sit on the Enterprise Services Privacy Team, will support the Enterprise Services line of business and will advise other lines of business on international privacy risks as needed. The Privacy Compliance Manager will apply risk, process management, and analytical skills to drive actions in support of privacy risk objectives for the Compliance department.
A successful Privacy Compliance Manager is a highly motivated, forward thinking self-starter who can work autonomously, is quick to adapt, has a strong grasp of technology, sees beyond the present to identify tomorrow’s risks, and is able to integrate themselves seamlessly into these exciting business spaces.
Key Responsibilities:
Support the Enterprise Services Privacy Compliance Team by advising on international and domestic privacy risks;
Closely follow emerging privacy trends across the country and internationally, including the development of new privacy laws, regulations, trends, and emerging risks. Identify trends in data and advise on identified current and emerging privacy risks;
Maintain subject matter expertise of applicable privacy laws and regulations such as FCRA, FACTA, TCPA, TSR, CAN-SPAM, GLBA, GDPR, Mexico’s Privacy Law (and other international privacy laws as necessary), FFIEC guidance, CCPA/CPRA, CA SB1, HIPAA;
Provide effective challenge and guidance on privacy risks and support Enterprise Services through various interactions and forum engagements;
Advise Enterprise Services on application of privacy requirements, development of controls and monitoring, remediation/corrective action of compliance breakdowns, and changes in law or regulation;
Support and, as necessary, participate in evaluation of Enterprise Services initiatives and processes from a privacy risk perspective;
Assist the business in developing and maintaining the Compliance Management Program (i.e., how to monitor, report, and train);
Actively participate on complex projects by providing guidance, advice, and effective challenge;
Active involvement with privacy compliance testing and third party compliance;
Review privacy-related complaints generated from the business and provide guidance on remediation; escalate and consult with subject matter experts, when necessary;
Evaluate Internal Audit, Regulatory Exam, and self-identified privacy issues and events for compliance impacts;
Assist in capturing, maintaining, and analyzing compliance data, interpreting it to ensure consistency and adequate Compliance Risk Management.
The ideal candidate will possess:
Clear results orientation and focus on achieving both short and long term goals;
A proven track record of supporting and working across business lines and functions and with a senior management team;
Ability to navigate “white space” or ambiguous situations to drive and execute an agenda in a fluid environment;
Solid teamwork skills; ability to build and leverage the capabilities of a high-performing team;
Highly developed interpersonal, presentation, and communications skills (written and oral) coupled with strategic influencing skills and the ability to drive agreement through intellect, interpersonal, and negotiation skills;
Strong judgment, influencing skills, integrity, and discretion in handling highly sensitive issues;
Ability to effectively challenge first line of defense risk taking, risk assessments, and risk mitigation efforts;
Successful track record of thriving in both a highly regulated industry and a fast paced, entrepreneurial, and dynamic environment;
Strong project management, process management, and organizational skills;
A collaborative, energetic, solution-oriented, and innovative leadership style;
Ability to balance operating independently with appropriate escalation and interaction with senior leadership;
Willingness to work as a team player and interact with associates across functions, departments, and job levels, both inside and outside the Compliance Department; and
Understanding of key regulatory and audit requirements and three lines of defense risk management framework.
Basic Qualifications:
Bachelor’s Degree or Military experience
At least 3 years of experience in a risk or compliance role within a FinTech, Financial Services, or Technology organization.
Preferred Qualifications:
Master’s Degree or Juris Doctorate
6+ years of experience in Privacy compliance, or 6+ years of experience in legal, or 6+ years of experience in audit
CIPP (Certified International Privacy Professional) certification, CRCM (Certified Regulatory Compliance Manager) certification, ACAMS (Association of Certified Anti-Money Laundering Specialists) certification, CISSP (Certified Information Systems Security Professional), or CISM (Certified Information Security Manager)
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5 business days.
No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).