Senior Compliance Officer II

General Description

The Consumer Privacy & FCRA Compliance Risk/Compliance Officer operates within the organization's second line of defense, ensuring compliance with consumer privacy laws. This position focuses on upholding privacy rights, transparency, fair information practices, lawful data use, and consumer-facing obligations. The officer maintains independence from Information Security, which is accountable for data-security safeguards, but collaborates closely with that team.

The Officer is responsible for providing governance, oversight, effective challenge, and specialized expertise related to consumer-privacy compliance requirements. These include obligations under GLBA/Regulation P, GDPR, CCPA, COPPA, TCPA, CAN-SPAM, FCRA, and newly emerging regulatory frameworks.

Essential Duties and Responsibilities

• • Maintain expertise in relevant consumer-privacy and consumer-protection laws, such as GLBA/Regulation P, GDPR, CCPA, FCRA, COPPA, TCPA, CAN-SPAM, and other evolving regulatory frameworks.
  • Provide second-line oversight and compliance input for the development, maintenance, and governance of enterprise privacy policies, standards, and procedures that address consumer-privacy obligations, separate from information-security controls.
  • Advise stakeholders on evolving privacy requirements, including transparency, notices, consent and opt-out rights, lawful use of data, and fair information practices.
  • Serve as a second-line privacy compliance subject-matter expert, providing independent oversight and effective challenge for business practices, processes, and controls.
  • Review and assess business initiatives, product changes, marketing activities, data-use proposals, and automated decision-making for alignment with consumer-privacy and corporate requirements, including transparency, purpose limitation, consumer choice, and disclosure obligations.
  • Partner with operations and other compliance teams to oversee FCRA-related obligations. This includes managing consumer dispute investigations, adverse-action requirements, identifying regulatory deviations, and recommending corrective actions to mitigate compliance risk.
  • Advise on and oversee the accuracy, clarity, and completeness of consumer-facing disclosures, including privacy notices, marketing disclosures, and related communications, ensuring conformity with regulatory requirements and actual business practices.
  • Provide advisory guidance to business units regarding the design and governance of consumer consent, opt-out, and preference-management processes. Ensure fair use of consumer data and compliance with requirements for honoring consumer choices, without assuming primary responsibility for execution.
  • Work together with Information Security on shared activities such as vendor contracts, incident response coordination, and secure fulfillment of consumer data requests. Ensure privacy requirements are met while respecting the established division of responsibilities.
  • Collaborate with stakeholders to support training initiatives and develop job aids that assist operational teams in complying with consumer-privacy, marketing, and FCRA-related requirements.
  • Responsible for managing regulatory inquiries, audits, and examinations related to consumer privacy and FCRA compliance.

Education

Bachelor’s degree 

JD, Master’s in related field, preferred

Experience

• 7+ years of experience in privacy, consumer compliance, risk management, or related legal/audit roles.
• Experience in a financial institution or highly regulated industry.

Certifications

Professional certifications such as CRCM, CIPP, CIPM, CERP, or CDIA FCRA Certificate.

Other Qualifications

• Excellent interpersonal relationships and teamwork skills.
• Critical, analytical thinker with strong problem-solving skills.
• Strong knowledge of U.S. and international consumer-privacy regulations.
• Excellent organizational skills to manage multiple assignments and ability to work independently in a fast-paced environment, meeting aggressive, specific deadlines, with effective resolution of conflicting priorities.
• Strong client-relations skills and ability to partner with internal stakeholders to develop practical solutions that meet business needs while remaining compliant with applicable laws and regulations.
• Demonstrated ability to provide independent challenge within a second-line or similar governance structure.
• Excellent communication, influencing, and stakeholder-management skills.
• Must be well spoken, with excellent bilingual (English and Spanish) writing and presentation skills).
• Proficient in Microsoft Office (MS Excel, PowerPoint, SharePoint, Word, etc .