Executive Director, Regional Information Privacy Officer, APAC

You desire impactful work.
 

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

A Brief Overview

Uses depth of expertise to lead and manage aspects of the implementation of an privacy risk strategy, policies, standards and best practices approach aligned with RGA's privacy needs. Act as corporate advocate for privacy regional regulatory mandates with a focus on enabling RGA's business and innovation. Consult with Global Legal attorneys as needed to provide business leaders and executive's guidance on privacy regulatory requirements and on the implementation of related policies.

What you will do

• Work with regional senior management/executives to strategize and/or resolve all privacy matters that impact business operations: Articulate, execute and maintain privacy programs in region. Advise and liaise with regional senior management/executives on privacy matters including driving risk assessments and promoting risk appetites across regional multiple businesses. Collaborate with region stakeholders to manage privacy risks reporting for company, regulators, and external auditors.

• As a subject matter expert develop and implement a framework and approach for identifying and reporting global risk, and enabling the business while establishing an effective and appropriate privacy environment for the organization: Establishes and communicates difficult concepts and negotiates with others to adapt to global policies and procedures associated with privacy; proposes changes to existing policies and procedures to ensure effective risk mitigation, operating efficiency, and regulatory compliance; Independently establishes governance structures that will serve to support the enterprise privacy frameworks, improve the overall risk management competency and capability enterprise wide, and use subject matter expertise to resolve complex business challenges and promote best practices to improve business processes and mitigate risk across a broad geographic area; Provide privacy expertise by consulting on major application initiatives positively impacting the achievement of objectives, and leads or participates in high profile cross functional project teams with moderate resource requirements, risk, and/or complexity, while ensuring privacy issues are taken into account and addressed early, including external RFP’s; Manage enterprise privacy programs and communication for designated area of responsibility. Participate in privacy global privacy processes."

• Applies subject matter expertise in the diagnosis of business risks, while exercising judgment in the evaluation of solution alternatives and delivery of systems solutions.

• Assume Data Protection Officer or equivalent role to address regulatory requirements, and oversee its responsibilities when directed by the Global Privacy Officer.

• Serves as regional privacy advisor to the CISO and GPO on trends, regulatory changes, and emerging risks and serves as a global privacy advocate for the CISO/GPO in cooperation with the RGA compliance organization, while leading others to solve complex privacy problems and uses sophisticated analytical thought to exercise judgment and identify innovative solutions.

• Acts as a corporate advocate for data privacy, data protection, and information risk management best practices working with all other appropriate stakeholders and works as a liaison with regional regulatory authorities as required.

• Responsible for and may lead a small team for which he/she mentors and provides training, to include associates across the enterprise on policies, processes, and best practices relating to SPF. Performs supervisory duties including, but not limited to; hiring, training, evaluating, coaching, and disciplining of direct reports

• Performs other duties as assigned

Qualifications

• Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience

• Master’s degree in Arts/Sciences (MA/MS) MBA preferred

• 10+ Years experience in security, privacy, fraud, and data safeguarding methods, and identifies/resolves operational and organizational problems

• 15+ Years professional experience in data management with emphasis in data privacy and protection preferred

• 3+ Years experience working with legal team preferred

• Experience with security/privacy legislation (e.g. HIPAA, GLBA, Data Privacy) preferred

• Experience with General Data Protection Regulation preferred

• Advanced knowledge of the security, privacy, and fraud fields including best practices and associated program policies

• Advanced knowledge of GDPR, PIPEDA, APPI, SEC, FDIC, FFIEC, GLBA, PCI, FTC, FINRA, state specific, and global standards and regulations regarding security, privacy, and fraud

• Advanced knowledge of data privacy, data security, and fraud threats and vulnerabilities

• Advanced ability to guide, influence, and persuade others either internally in other areas or externally with customers or agencies. Exceptional ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies. Advanced project management skills

• Advanced ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan

• Advanced ability to convey business terminology that is meaningful and well received

• Advanced people management skills, demonstrating an ability to lead, mentor, and develop associates, preferred

• Advanced ability to adapt plans and priorities to meet service and/or operational changes

• Advanced ability to quickly learn and understand RGA businesses

• Strong understanding of EU data transfer requirements preferred

• Certified Information Privacy Professional (CIPP) or ability to obtain certification

Insurance industry knowledge and certifications preferred

What you can expect from RGA:

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.

• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.

• Join the bright and creative minds of RGA, and experience vast, endless career potential.