About Business Line/Function :

The Privacy Program Manager is a Risk Manager reporting to the CIB Data Protection Officer. 

CIB Data Protection Office is part of CIB RISK ORM (Operational Risk Management) Department within BNP Paribas and steers the second Line of Defense for Privacy-related issues throughout CIB worldwide, leveraging on a network of local experts. The DPO monitors the application of the regulations relating to the protection of personal data within CIB, monitoring compliance with applicable regulations and supporting LOD1.

Its activity is part of the overall governance of personal data protection deployed throughout BNP Paribas Group and it is based on the following key responsibilities:

-        Management of relations with external stakeholders, including data subjects, CNIL and supervisory authorities responsible for personal data, in relation with the Territory DPOs appointed by BNP Paribas S.A. in each location where CIB is present;

-        Supervision of the general framework for personal data protection within CIB; Review and support for the implementation of personal data protection applicable regulations and policies in connection with CIB Functions, ITO, Métiers and Legal department;

-        Monitoring of CIB personal data related processes, including Privacy by Design, Record of Processing Activities;

-        Deployment of Privacy training and awareness sessions in coordination with the Data Protection first Line of Defense teams;

-        Definition and implementation of second level controls and conduct of independent testing on personal data protection.

Responsibilities

The Privacy Program Manager is positioned within RISK function and will report to CIB Business Line DPO. He will be responsible for the scope composed of Securities Services, Global Market and Global Banking.

Privacy Program Manager will join a Team with more than 20 different nationalities and super good environment, located in Madrid. You’ll become a team that spans cultures and backgrounds

·     Worldwide scope working within all business lines in BNP Paribas

·       Possibility to work from home more than 50% of journey

·       Direct report to the CIB DPO in Paris

·       Good remuneration and Bonus Pool

·       MOBILITY inside the Group

Direct Responsibilities

• Lead operations management for the CIB Data Protection Office with elements such as the team roadmap, team objectives and priorities, initiative portfolio and active matters, among others. 
• Lead initiatives related to organization and risk framework for personal data protection for the worldwide scope of CIB Data Protection Office. 
• Drive the CIB Data protection Office contributions to committees and forums in relation to personal data protection risk management
• Lead functional support to CIB Data Protection Office team in regards to risk monitoring and reporting activities using key metrics provided by Group Data Protection or RISK ORM tools and reporting mechanisms
• Animate and steer the community of territory DPOs and DPCs in the global scope of CIB by keeping them informed of CIB central projects and initiatives and gathering relevant contributions or escalations from regional/territory stakeholders 

Contributing Responsibilities

• Support communications, training and awareness initiatives managed by the CIB Data Protection Office
• Contribute to RISK ORM CIB and Group Data Protection reporting responsibilities around the scope of CIB Data Protection Office
• Lead cross team projects / global initiatives associated to the CIB Data Protection Office team
• Represent the CIB Data Protection Office in initiatives to enhance data quality in the relevant Group tools (e.g., drafting requirements for change requests, follow-up on implementation and testing, etc.)
• Support the design and the development of the independent testing campaign roadmap and priorities to ensure relevant coverage of privacy risks, including direct controls such as Process reviews and Process reviews and in relation to the CoE for the verification and reperformance controls
•  Support the definition and implementation of the privacy guidelines for the annual Risk and Self-Assessment campaign across the worldwide CIB scope
• Support the execution and results of the campaign execution for the controls performed by the CIB Data Protection Correspondents and support the definition and formalization of the actions deriving from the results of the controls, including direct controls such as Process reviews and Process reviews and in relation to the CoE for the verification and reperformance controls

Technnical Competences

• Solid Experience in Project Management
• Strong interest and first experience Data Protection and Cyber Security topics – CIPP/E is preferrable
• Developing understanding of the regulatory environment
• Multi-media: active knowledge and experience of digital technologies
• Fluent in English (mandatory) and French (desired)