Privacy Compliance Officer

Privacy Compliance Coverage Officer Morgan Stanley Overview

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm’s employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic.

The professionals in the Legal and Compliance Division (LCD) provide a wide range of services to our business units. LCD is made up of the Legal, Regulatory Relations, and Non-Financial Risk departments which preserve the firm’s invaluable reputation for integrity and protect the firm from sanctions with policies and procedures that are designed to meet regulatory requirements around the world. We also strive to maintain cooperative relationships with governmental policy makers and the regulatory and self‑regulatory agencies that govern the firm’s businesses.

The second‑line Non‑Financial Risk (NFR) organization includes the Compliance, Global Financial Crimes, and Operational Risk departments and provides a single, comprehensive, and consistent second‑line view of these non‑financial risks. NFR encompasses risks which are not financial in nature, and could have a potential economic, reputational, regulatory, financial reporting, or client impact from (i) failed or inadequate processes, data, or controls; (ii) infrastructure or environmental factors;

or (iii) intentional or inadvertent actions of employees or external parties. The second‑line NFR organization partners with the first‑line business units to advise, train, manage, report, identify, analyze, and elevate non‑financial risks.

Morgan Stanley’s Global Privacy Compliance Program aims to promote fair, transparent and lawful practices related to the processing of Personally Identifiable Information (PII) to support clients, business growth and foster a culture of trust. The Privacy Compliance Coverage Officer will focus on assisting with the management of the privacy program’s risk and controls assessments, monitoring and testing, training, policies and procedures, advice and guidance, and governance activities for key meetings.

The Privacy Compliance Coverage Officer is responsible for providing governance and oversight, risk management and controls framework across the respective business for all activities associated with Privacy. This individual will have responsibility for ensuring compliance with the Morgan Stanley Global Privacy Policy, identification and management of compliance risks associated with Privacy and working across the business to ensure that effective controls and monitoring are in place to reduce risk.

• Supporting the Privacy Compliance Coverage team to enhance the oversight approach to privacy risks, controls, monitoring and testing
• Experience in compliance program management principles, risk assessment methodologies, and internal control frameworks
• Experience with privacy risks and conducting Privacy Impact Assessments (PIAs) related to various technologies and systems
• Providing advice and guidance for Privacy BU/Regional Control Functional Leads
• Provide subject matter expertise regarding applicable international Privacy regulations, state and federal laws, and industry standard procedures and controls
• Assisting with gap analysis and implementation of controls for new or amended regulations and laws
• Supporting various governance forums related to privacy escalation
• Enhance reporting, KRIs, training, notices, policies and procedures, and support ad‑hoc projects as required
• Ability to collaborate and partner with CRO

• At least 6 years’ relevant experience would generally be expected to find the skills required for this role
• Demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management experience or…