The Head of Compliance & Privacy is responsible for leading the compliance and data privacy disciplines at a shared IT services company serving operating entity company customers of a large international insurance and financial services group located in North America and with specific US regulatory requirements and needs. Directs the implementation of an effective enterprise-wide compliance and data privacy strategy to reduce risks to the company and provide benefit to our customers and their compliance interests. Manages staff focused on the development and execution of regulatory compliance activities. Acts as a lead company representative for compliance and privacy matters with internal and external stakeholders and leadership. Has a direct reporting line to the Head of Legal at ATA and indirect reporting lines to the AZ Technology SE Chief Compliance Officer and AZ Technology SE Data Privacy Officer.

• Directs the planning, development, implementation and oversight of compliance and privacy controls that help to ensure the company’s ability to comply with local and global regulatory requirements. Creates enterprise-wide regulatory strategies and programs that maximize revenues and minimize risk to the company. (60%)
• Manages a compliance staff of 3 direct reports and provides direction in the development, execution and reporting of related policies and programs. Provides indirect leadership of assigned business liaisons with influence beyond immediate team on matters of policy compliance and risk management. (20%)
• Represents enterprise compliance and privacy on key engagements and committees with internal and external stakeholders including but not limited to Risk Management Processes, Integrity Committee, PCAM, the Board. Is a member of the Senior Leadership Team (SLT) responsible for driving a culture of compliance at ATA with appropriate tone from the top by senior company leaders. (20%)

• 8-10 years of experience required managing compliance, privacy and/or risk and control-oriented programs for a large company.
• General knowledge of US compliance, privacy, sanctions and IT security laws and regulations.

Preferred

• 5-7 years of experience managing compliance programs for US operations of large international company(s), preferably in the IT services industry.