Job Classification:

Technology - Risk & Governance

Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.

Your Team & Role

The Global Technology Chief Operating Office organization is seeking a Lead, Tech Risk Management- Privacy, who will collaborate with Global Technology’s various functional areas, individual business units/corporate functions, and other control functions to identify, mitigate, and improve areas of risk that may impact our organization. Reporting to the Global Technology Privacy Officer in the IT Operational Risk (ITOR) first line of defense, this role will help maintain the Global Technology Privacy program in line with the Company standards. In addition to deep expertise and experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.

Here is What You Can Expect on a Typical Day

• Facilitate Global Technology adherence to the company’s Privacy Program, HIPAA, and related programs, as applicable, as well as any local or business-specific privacy requirements
• Perform first line of defense privacy activities and promote Privacy by Design related to Global Technology’s implementation ensuring adherence to privacy policies, procedures, standards, and requirements
• Coordinate demand from product and service owners, ensure all activities are reflected on the Kanban with GT-aligned priorities, benefits, business value, dependencies and risks
• Assist with the annual privacy risk self-assessment process, lead and conduct privacy impact assessments and HIPAA privacy assessments; all with an eye to ensuring that appropriate controls are in place to mitigate privacy risks within the business/corporate function
• Collaborate with technology and business stakeholders to participate in reviewing and documenting projects and processes pertaining to the collection, use, storage, and disposal of Personal Information within the organization
• Maintain Global Technology’s inventory and data mappings to identify all systems, business processes, repositories, and third parties, where personal information is used, stored, or accessed
• Enable the Global Technology to identify, investigate, and remediate privacy incidents (including privacy breaches) in a timely manner consistent with legal requirements, apply a lesson learned approach and ensure the Privacy incident platform is updated timely
• Report on privacy incidents, operational risk events relating to privacy and key risk indicators occurring within Global Technology, and identity and follow up on privacy issues and action plans with the ability to drive incidents and issues to closure in a timely manner
• Utilize educational tools including training and awareness sessions to reinforce strong privacy protection practices within Global Technology
• Help drive the evolving privacy program and overall protection of personal information by helping educate key stakeholders on privacy compliance risks and privacy risk management; deliver training, streamline advice, update knowledge repository
• Participate in continued privacy, technology and Information security education to build your knowledge and use to enhance the program

The Skills & Expertise You Bring

• Bachelor’s Degree or equivalent work experience
• Proven experience of demonstrated success in leading, implementing, and executing IT operational risk processes and initiatives
• Core Risk/Governance Technical Skills: Should have technical acumen related to IT processes, practices and capabilities with subject matter knowledge of components and risks within Cloud, Information & Cyber Security, Agile development methodology, Computer and Network Infrastructure and Privacy
• Ability to develop, refine, and lead IT key risk indicators, and advance usage of risk data to identify and analyze trends, provide timely informative analytics and document risk appetite for key risks
• Knowledge of relevant global IT risk management frameworks (e.g., NIST, ITIL, ISO, COBIT, SANS) for development, maintenance, and enterprise alignment of the risk framework and taxonomy with enterprise processes, risk frameworks and reporting constructs
• Comprehension of relevant client, legal, and regulatory requirements and ability to perform compliance-based gap analysis using regulatory based frameworks, such as System & Organization Control (SOC 1 & 2) Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), European Union General Data Protection Regulation (GRPR), and California Consumer Privacy Act (CCPA)
• Ability to apply risk leadership skills in execution of IT operational risk and control assessments and third-party risk assessments, to determine risk opinion that product technologies and capabilities are fit for the risk appetite of the organization
• Knowledge of IT Governance, Risk, and Compliance (GRC) software (e.g., RSA Archer, IBM Open Pages, SAP GRC, ServiceNow GRC) for effective organization and utilization of IT risk data
• Ability to rapidly find, assimilate and correlate information correctly
• Strong analytical, critical thinking skills and solution oriented
• Ability to work independently and as part of a team with the ability to think outside the box
• Demonstrated ability to influence with comfort and ability working between organizational structures to effect significant change, self-starter comfortable working independently and within a team environment
• Exceptional verbal and written communication skills, including the ability to connect, build relationships and influence business leaders, across all levels
• Lead and effectively leverage diverse ideas, experiences, thoughts and perspectives to the benefit of the organization.
• Knowledge of business concepts tools and processes that are needed for making sound decisions in the context of the company's business
• Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
• Excellent problem solving, communication and collaboration skills.

Preferred Skills:

• Certified Information Privacy Professional (CIPP) certification or alternative certifications (CRISC, CISM, CIPT, CDPSE, CISSP); alternatively a proven ability to keep up to date with emerging technology

You’ll Love Working Here Because You Can

Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.

What we offer you:

• Market competitive base salaries, with a yearly bonus potential at every level
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave
• Retirement plans:
• 401(k) plan with company match (up to 4%)
• Company-funded pension plan
• Wellness Programs to help you achieve your wellbeing goals, including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Tuition Assistance to help finance traditional college enrollment toward obtaining an approved degree, many accredited certificate programs, and industry designations.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.

To find out more about our Total Reward package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.

Note: Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $120,300.00 to $179,000.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills. Roles may also be eligible for additional compensation and/or benefits. Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. In addition, employees are eligible for standard benefits package including paid time off, medical, dental and retirement.