Associate Principal, Information Governance
What You'll Do:
The Associate Principal, Information Governance and Privacy (reporting to the Privacy and Data Protection Officer) is responsible for supporting the development and implementation of OCC’s information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its lifecycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements for external organizations with whom OCC has a business need to share information; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (i.e. SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily
Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset
Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids
Identification, implementation, and use of technologies to support program objectives and classification standards
Execution of controls and risk assessments (e.g., third-party risk, privacy, data protection)
Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident.
Creation and execution of strategies to identify information across the organization and throughout its lifecycle
Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings
Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives
Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk
Development and maintenance of the organization’s Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of legacy information
Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems
Collaborate with OCC internal and external stakeholders to implement OCC information governance, data protection, and privacy policies and requirements
Support and develop training and awareness programs for information governance, data protection, and privacy.
Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains
Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships
Strong experience in building the capabilities for auto data classification, data security and data protection.
Experience with classification standard definitions and settings
Experience with Privacy requirements and work with personal information and its protection
Strong strategic thinking, problem solving, and analytic skills
Utilize metrics as means to improve performance
Ability to adapt to change in emerging environments and work across multiple areas
Experience in developing policies and procedures
Experience in project management, project execution, and managing multiple priorities in a timeline driven environment
Experience working in a highly regulated environment including an understanding of audit and compliance requirements
Understanding of and interest in technology selection and implementation
Experience in Information Security related policy, procedure and control writing
General understanding of information technology and risk management concepts
Ability to work independently and as a member of a team, proficient in collaborating with internal business clients from different departments and at various levels of seniority
Proficient in gathering, analyzing, and evaluating facts and preparing/presenting concise oral and written data analysis and reports
Excellent organizational, written, and oral communication skills
Office 365 (Word, Excel, PowerPoint)
Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc.
Project / Program Management
Business Intelligence tool experience
Education and/or Experience:
Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience
5 or more years of applicable work experience
Previous work with information or data governance control activities in the financial services industry.
Experience in the financial services industry
Certificates or Licenses:
Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
Who We Are
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 2 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
You will receive an email notification to confirm that we've received your application.
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
- Chicago - 125 S Franklin
- Full Time Regular
- Posted: Feb. 15, 2024
How to Apply
Step 1 - When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
Step 2 - You will receive an email notification to confirm that we've received your application.
Step 3 - If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
Numerous studies have shown that people from groups that are traditionally under-represented in financial services apply to jobs only if they believe they meet 100% of the requirements. We want to break down this mindset to further diversify our workforce.
We encourage you to review our open positions and apply if you think your experience may be a match, even if you do not meet all of the qualifications. Your perspective may be an element we need to continue building innovative solutions to support the markets and market participants we serve.
OCC is a globally recognized entity that clears a multitude of diverse and sophisticated products. We want to reflect this in the diversity of our workforce.