Director - Privacy Risk Management

What is the opportunity?This role is responsible for developing and implementing privacy risk management programs across RBC's CM & US Operations (CUSO) including Capital Markets, RBC Bank, City National Bank and US Wealth Management. You will implement comprehensive privacy compliance frameworks that meet US federal and state regulatory requirements while supporting business objectives

The role encompasses privacy program management regulatory relationship management, and oversight of privacy risk management initiatives. You will serve as RBC's primary privacy representative to US regulators, providing expertise on CM & US privacy matters including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging state privacy laws.

Reporting to the MD Data Management, you are integrated into the CUSO/CM Chief Controls Office team, which ensures the control environment operates effectively across the 1st line.

What will you do?

The Director, Privacy Risk Management – CM & US Operations leads RBC's privacy compliance framework across CM and US business segments.

Privacy Program Development and Management:

• Design, develop and implement privacy compliance programs for CM and US business segments in alignment with enterprise privacy standards

• Conduct Privacy Risk Assessments, Supplier Risk Management Assessments, Privacy Breaches and complaints. Help develop and maintain privacy policies, procedures, and control frameworks

• Collaborate with Global Privacy Office and enterprise functions to ensure consistent application of privacy standards

• Implement privacy-by-design principles and support emerging technology governance, particularly relating to artificial intelligence and automated decision-making within CM & US Operations

Regulatory Relationship Management:

• Serve as primary privacy representative to US regulators including FTC, CFPB, state attorneys general, and relevant federal banking regulators

• Lead privacy-related regulatory examinations, inquiries, and enforcement discussions on behalf of CM & US Operations

Compliance and Risk Management:

• Oversee day-to-day privacy compliance activities including data subject access requests, privacy breach incident management, and regulatory inquiries specific to CM & US Operations

• Develop privacy metrics and reporting for senior US management on compliance effectiveness and emerging risks

Team Leadership and Stakeholder Management:

• Lead a privacy team of up to 5 professionals with expertise in privacy regulations and financial services operations

• Provide advisory support and privacy expertise to CM and US business segment leaders and cross-functional teams

• Drive privacy awareness and training initiatives across CM and US Operations

• Participate in privacy committees, governance forums, and cross-functional projects

Cross-Functional Integration:

• Partner with US business segments to integrate privacy considerations into product development, marketing, and operational processes

• Collaborate with Legal, Compliance, Technology, and Risk Management functions on privacy-related initiatives

• Provide privacy expertise for US new business initiatives, system implementations, and process changes

• Support enterprise privacy governance through US-focused reporting, metrics, and risk identification

As a member of the Committees and Forums, the leader will contribute to the maintenance of an effective control and regulatory integration program, focusing on:

• Sharing insights, themes and findings from exams, audits and regulatory changes with stakeholders to drive awareness of changes to expectations and changes to processes, controls and behaviors

• Enabling alignment across LODs and stakeholders on control priorities that emerge from exams, audits and regulatory changes

• Drive efficiency through use of consistent approach and process used in the planning for and responding to and managing operational risks

What you need to succeed?

Required Skills:

• Bachelor's degree and professional privacy certifications with US focus (IAPP - CIPP/US required, CIPM preferred); minimum 7 years privacy and banking compliance experience; minimum 5 years experience with US privacy regulations; demonstrated experience with US regulatory relationship management

• Leading privacy compliance programs in US financial services or similarly regulated industry

• Deep knowledge of CM & US privacy regulatory framework including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging US state privacy laws

• Direct experience with US privacy regulators including FTC, CFPB, and state enforcement agencies

• Experience managing privacy-related regulatory examinations, enforcement actions, and remediation programs

• Understanding of US financial services products and operations across Capital Markets, Wealth Management, and Consumer Banking

• Experience implementing privacy controls and governance frameworks in regulatory environment

• Knowledge of US privacy technologies including consent management and privacy rights automation platforms

Nice to have:

• JD or advanced degree; additional US-focused certifications in data governance or financial services

• Expertise with privacy management platforms (OneTrust, etc.)

• Knowledge of AI governance and emerging privacy technologies

• Experience with US state privacy law implementation

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation

• Leaders who support your development through coaching and managing opportunities 

• Work in a dynamic, collaborative, progressive, and high-performing team

• Opportunities to do challenging work

The expected salary range for this position is $130,000 - $200,000 depending on experience, skills, registration status, market conditions and business needs. We are considering candidates at the Vice President and Director levels based on qualifications and experience, which accounts for the broader range. This salary range does not include other elements of total compensation, including a discretionary bonus and benefits such as a 401(k) program with company match; health, dental, vision, life and disability insurance; and paid time-off plan.

#LI-KA2

Job Skills

Big Data Management, Critical Thinking, Data Governance, Financial Regulation, Global Privacy, Knowledge Organization, Logical Data Modeling, Long Term Planning, Privacy Compliance, Privacy Laws, Privacy Management, Repository Tools, Results-Oriented, Risk Management, Strategic Thinking

Additional Job Details

BROOKFIELD PLACE FKA 3 WORLD FINANCIAL CENTER, 200 VESEY STREET:NEW YORKNew YorkUnited States of America40Full timeRegularSalaried2026-04-172026-05-04

Note:Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Our Employment Opportunities

At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.