Data Privacy Engineer(GRC Consultant)

The Data Risk & Control Monitoring Manager will play a pivotal role in safeguarding the organization’s data assets by designing, implementing, and overseeing effective data control frameworks. This role focuses on mitigating data-related risks across quality, access, retention, and usage domains, ensuring compliance with internal governance standards and external regulatory requirements. The ideal candidate will combine strong analytical, governance, and stakeholder management skills to embed robust control mechanisms that enhance data integrity and trust across the enterprise. Key Responsibilities:Data Risk Management & Governance • Develop, implement, and maintain a comprehensive data risk and control framework in alignment with the enterprise data governance strategy. • Partner with Data Risk Stewards and Data Owners to identify, assess, and manage data-related risks across business functions. • Ensure controls are designed to mitigate key risks in data quality, access, privacy, retention, and usage. • Support adherence to data governance policies, including data classification, lineage, and stewardship models. Monitoring, Reporting & Continuous Improvement • Define and monitor Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) related to data management. • Develop regular control monitoring reports and dashboards for senior management, Risk, and Compliance functions. • Identify control gaps, conduct root cause analysis, and drive remediation plans in collaboration with business and technology teams. • Maintain up-to-date documentation of control frameworks, findings, and actions within relevant systems of record. Stakeholder Collaboration & Assurance • Work closely with Risk, Compliance, Internal Audit, and Data Governance teams to ensure regulatory alignment and effective control testing. • Support internal and external audits by providing evidence, control documentation, and subject matter expertise on data-related risks. • Engage with technology teams to ensure controls are embedded within systems, data pipelines, and automated monitoring tools. Regulatory & Policy Alignment • Ensure data control environments comply with applicable regulatory frameworks such as GDPR, BCBS 239, and other data management standards. • Contribute to the continuous enhancement of data risk policies and standards, ensuring they remain fit for purpose and aligned with evolving regulations. • Promote awareness and accountability for data risk management across the business through training and stakeholder engagement. Key Skills & Experience: • 5+ years’ experience in Data Governance, Risk Management, or Data Control roles within financial services or other regulated environments. • Strong understanding of data management principles, including data quality, metadata management, lineage, and retention. • Proven experience in developing and implementing risk and control frameworks (preferably aligned with COSO, ISO 27001, or DAMA DMBOK). • Familiarity with risk and compliance tools (e.g., Archer, MetricStream, or similar GRC platforms). • Strong analytical and problem-solving skills with the ability to interpret complex data and translate findings into actionable insights. • Excellent stakeholder management and communication skills, capable of engaging both technical and non-technical audiences. • Knowledge of relevant data and privacy regulations (e.g., GDPR, CCPA, FCA, PRA guidelines) and experience managing compliance in large organisations. Preferred Qualifications: • Professional certifications such as CISA, CRISC, CDMP, or DAMA DMBOK accreditation. • Experience in data control automation, data risk monitoring tools, or data lineage platforms (e.g., Collibra, Informatica, Solidatus). • Background in audit, data governance, or risk assurance functions.