This role reports to the Head of Regulatory Compliance.
As the Director of Compliance, Privacy you will lead and drive our Privacy Compliance program and team. You will partner with our Global Privacy Officer and Legal and Risk functions on the design, development, delivery, and continuous improvement of the global Privacy Compliance program, including on the leadership, risk management, governance, awareness and education, and monitoring and response building blocks.
You will help to lead a program for identifying privacy risks and obligations and how the mitigation of those risks and fulfillment of those obligations are designed, executed, measured, monitored, and continuously improved through the firm’s control framework.
You will be part of McKinsey’s Ethics & Compliance function, whose mission is to enable McKinsey’s client impact and innovation, while managing risks to our firm, clients, and colleagues.
The Ethics & Compliance function is a globally integrated team within the second line of defense of the firm.
Detailed responsibilities include :
- Overseeing a team of compliance professionals responsible for the execution and continuous improvement of key program activities
- Promoting and monitoring adherence to applicable firm policies, standards, procedures, and processes; collaborate with Firm Legal and Risk to maintain up-to-date knowledge of relevant regulatory developments and changes, enforcement actions, innovative technologies and industry trends, tools, and best practices
- Interacting with firm stakeholders to raise awareness of privacy trends, emerging issues, remedial actions, and program initiatives;
lead or assist with the preparation and delivery of materials for firm leadership
- Developing and executing training and awareness campaigns to educate firm members about privacy matters and expectations
- Partnering with Firm Legal and Risk, provide firm-level expertise on privacy matters
- Partnering with Firm Legal and Risk, provide advice to firm members on new business initiatives, new products / services, business acquisitions, and related matters with respect to applicability of privacy policies and governance, including the identification and resolution of potential risks and red flags
- Bachelor’s degree; advanced degree or certifications preferred (e.g., JD, FIP, CIPP / E / US, CIPT, CIPM, CISA, CISSP)
- 10+ years in ethics, compliance, risk, legal, and / or governance in a large organization
- 8+ years of driving compliance programs, with 5+ years experience designing, building, and leading a global privacy compliance program and team and championing privacy compliance by design
- Deep expertise in privacy and data-protection regimes in the EU, US, China, and other jurisdictions, including GDPR, CCPA / CPRA, and PIPL
- Passion for people development and experience building and leading high-performing teams; demonstrated track record of creating a collaborative, respectful, and inclusive environment for all colleagues
- Experience working with and leading highly dynamic, cross-functional, and global teams
- Exceptional organizational skills and attention to detail
- Highly collaborative instincts with ability to manage cross-functional projects and effectively communicate and engage with sophisticated and senior stakeholders