The Business Associate is a senior level position responsible who stays abreast of developments within own field. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas. Significant impact on the area through complex deliverables relating to Data Privacy. Provides advice and counsel related to data privacy, cross border data transfers to the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family. Responsibilities: Act as Point of Contact for the Client business on Data Privacy and Cross Border Data Access. Build knowledge awareness for Business partners on privacy policies, procedures process and controls. Support and implement Client's Data Privacy governance structure in alignment with Chief Privacy Office requirements. Ensure privacy-related matters are reviewed and discussed on a regular basis, alongside defined escalation routes to the relevant Data Council. Develops procedural implementation and change management process with Client Risk Management and CAO team to ensure proper data governance and controls exist. Support completion of Privacy Impact Assessments (PIA, DPIA) for new CBAT initiatives, and follow-up with initiative owners to ensure completion of identified actions. Provide guidance (identify themes) on data privacy metrics, and act as a subject matter expert to ICM initiative owners and business units on Data Privacy and Cross Border Data Clearance (CBDC) process. Manage Manager’s Control Assessment (MCA) Controls, open audit or self-identified issues and regulatory/internal audit requests. Build executive decks, metrics to support root cause analysis of data. Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency. Qualifications: Strong Microsoft Suite skills (i.e., Sharepoint, PowerPoint, Excel, Word,) is desirable Ability to identify and manage competing or changing priorities, and manage stakeholder expectations Has the ability to operate independently with a limited level of direct supervision. Knowledge of Data Privacy, Third Party Risk Management Policy and Procedures is highly desirable. Strong written and verbal communication skills. Interpersonal skills with the ability to work collaboratively and with people at all levels of the organization and across different geographic locations A proactive and “no surprises” approach in communicating issues Range of experience demonstrating flexibility in skillset and approach Education: Bachelor’s Degree/University degree or equivalent experience Master’s degree preferred This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. Job Family Group: Business Strategy, Management & Administration Job Family: Business Execution & Administration Time Type: Full time Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities.