At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.

Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

Do you enjoy a dynamic, collaborative work environment where you can make a mark? Are you someone who knows how to drive high performing business results through people? Are you detail and process-oriented and enjoy problem solving?

If you've answered 'yes' to any or all the above, then you could be just who I am looking for!

There is an exciting opportunity for a highly experienced, senior risk professional to join the American Express International Privacy Risk Management team and lead a first line privacy practices & risk management team. This team ensures privacy practices and privacy assurance activities are in place across lines of business.

I am looking for a Director of Privacy Practices and Risk Management to help shape American Express’ future in the strategically important domain of data privacy and lead the evolution of high-quality Privacy risk management standards and practices across Europe, APAC and LACC and increase awareness of privacy standards, effectiveness of controls, compliance with regulations, and adoption of industry best practice throughout the company.

Responsibility for the core privacy pillars (e.g., Notice & Transparency, Retention & Disposal, Data Transfers, Digital Trackers etc.) in American Express will be divided across this new role and an existing Director of Privacy Practices and Risk Management. In addition, both roles will be responsible for assisting business units and legal entities with the design, enhancement and operationalisation of controls, processes, and procedures to ensure the proper usage and safeguarding of customer, colleague, and other confidential information.

Job Responsibilities

Key responsibilities include, but are not limited to:

• Develops and nurtures the great talent within the team and network to create a pipeline of future talent

• Fosters strong collaboration and information sharing across Privacy Practices and Risk Management teams.

• Sets the privacy practices framework for core privacy pillars to be executed by 1st line Operational Risk Experts

• Provides data privacy subject matter expertise to enable the successful delivery of privacy change and regulatory compliance initiatives.

• Partners with Governance and Control management teams across Europe, APAC and LACC to implement and execute high-quality Privacy risk management standards and practices and to increase awareness of privacy standards, controls, regulations, and industry best practice.

• Assists the regional business teams and legal entities with the design, enhancement, and operationalisation of controls to address privacy requirements and mitigate privacy risks, with particular focus on driving consistency across Europe, APAC and LACC.

• Supports the deployment of privacy management technology and tools (automation) to enhance data privacy controls.

• Shapes and oversees the 1st line of defence Privacy testing framework, coordinating with 2nd line Privacy to avoid overlap and testing duplication.

• Provides transparency to Business Unit/Legal Entity and compliance management through accurate reporting and metrics on risks, issues and/or control deficiencies, results of self-assessments, control environment, tests, audits, and external events that would impact the Business Unit/Legal Entity’s ability to comply with applicable privacy requirements.

• Stays up to date on trends and advances in industry risk standards and works with business leaders to evaluate, recommend, and implement opportunities to enhance the business/legal entity privacy risk profile and management practices.

• Assists the business with preparing for privacy-related exams, compliance tests and internal audits and notifies and engages 2nd line Privacy and Compliance colleagues during such reviews.

• In partnership with 2nd line Privacy and Compliance, fosters a privacy-aware culture across the company via the creation of learning and development programs and guidance material to support colleagues to understand their roles and responsibilities in relation to privacy.

• Proactively engages and partners with stakeholders across the business to promote privacy by design and educate teams on changes to laws and regulations and external privacy practices.

Key Skills Required:

• Experience in Control Management, Compliance, Operational Risk, or a related discipline.

• Proven experience of working in a legal & regulatory environment with tight deadlines, changing information and ambiguity. Knowledge of privacy regulation essential.

• Credible leader with proven ability to develop strong talent & build diverse teams

• Prior experience implementing privacy requirements into business practices (processes & procedures) and conducting privacy, operational and/or technology risk assessments an advantage.

• An understanding of processes and information flows for BUs and functions that manage customer, employee data and other confidential information beneficial.

• Ability to build effective relationships with and influence senior management and stakeholders to drive an effective operating model and manage risks.

• Makes collaboration essential – seeks out and values the input of others, encourages a collaborative culture for their team, entertains new ideas with an open mindset.

• Strong analytical capabilities, confident in identifying/solving complex operational challenges and control oriented.

• Ability to cooperate seamlessly cross-function and cross-border, building strong relationships & establishing trust through consistent delivery.

• Adaptable, resilient, and focused when driving results in a fast-paced environment.

• Able to think critically and use data-driven insights to solve problems and achieve desired outcomes.

• Execution-focused with an ability to develop strategy, influence stakeholders, drive implementation and measure success.

• Strong English language verbal and written communication skills, with an ability to craft messages that clearly and succinctly communicate key messages for internal and external audiences at all levels of the organization.

Non-considerations for sponsorship: Employment eligibility to work with American Express in the UK is required as the company will not pursue visa sponsorship for these positions.

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

• Competitive base salaries

• Bonus incentives

• Support for financial-well-being and retirement

• Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)

• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need

• Generous paid parental leave policies (depending on your location)

• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)

• Free and confidential counseling support through our Healthy Minds program

• Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.