At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.
Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.
This position is part of the Colleague Experience Group (CEG) First Line Global Colleague Privacy function and reports to the Manager - Global Colleague Privacy.
Colleague Privacy is a key contributor to both the colleague value proposition and the American Express brand. Independently assessing and managing global privacy risk as it relates to both candidates and colleagues is critical to the CEG function. The Global Colleague Privacy Analyst will ensure compliance in relation to General Data Protection Regulation (GDPR) – Data Subject Rights (DSR) processes.
The successful candidate will be responsible for:
- Driving and performing document reviews, redactions, analysis, tracking, and reporting of key CEG GDPR DSR actions.
- Conducting timely and comprehensive reviews and redactions of documents/files, which are requested by Data Subjects (for employees and former employees) throughout the European Economic Area (EEA) and the United Kingdom (UK) to ensure compliance and internal requirements are met.
- Supporting the development, coordination, and implementation of enhancements to the end-to-end DSR process.
- Supporting, performing, and managing risk reviews within enterprise processes, such as Privacy Risk Assessments (PRA) and Process Risk Self-Assessments (PRSA)/Risk & Control Self-Assessments (RCSA) testing, etc.
- Partnering with compliance, General Counsel’s Organization (GCO) and other key stakeholders in fulfilling GDPR DSRs.
- Partnering with the enterprise privacy oversight function in Global Privacy Oversight to ensure alignment on required reporting, monitoring, and escalation activities.
- Fostering a culture of privacy and risk awareness within CEG by advocating for early collaboration with CEG teams, accountability and sharing of best practices.
- Ensuring that CEG remains a trusted partner to the organization by providing DSR support across the Amex enterprise.
Minimum Qualifications
- Previous proven experience in privacy, compliance and/or risk management and oversight function, including identifying and remediating risks, performing document reviews and determining adequacy of operational risk controls
- Understanding of how legal and regulatory requirements are interpreted and can be implemented across various processes, strong awareness of current and pending regulatory change, in particular as associated with the General Data Protection Regulation (GDPR) – Data Subject Rights (DSR).
- Understanding of how colleague privacy and processes involving employee and former employee data are managed in alignment with Global Privacy Data Subject Rights Standard, and in consideration of other risk functions (e.g., Compliance, Third Party, Enterprise Resiliency)
- Strong decision-making skills and the ability to resolve complex problems independently and in a timely manner
- Effective analytical and problem-solving skills and proficiency in managing multiple or shifting priorities simultaneously
- Highly organized, excellent written and verbal communication skills, strong attention to quality and detail
- Comfortable working with multiple stakeholders in a matrixed organization
- Demonstrated interpersonal skills and ability to build relationships to foster a culture of awareness and engagement and mobilize change
- Process enhancement mind-set: ability to identify areas for improvement in existing processes and shape recommendations for change
- Demonstrate business acumen, credibility, and judgment, both independently and in collaboration with compliance and business partners
- Understanding of CEG systems, processes, and experience with Archer Applications (e.g., Process Risk Self-Assessment/ Risk & Control Self-Assessments, Privacy Risk Assessment) a plus
- Expertise in using Microsoft Office Programs (i.e. Word, Excel, PowerPoint)
We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:
- Competitive base salaries
- Bonus incentives
- Support for financial well-being and retirement
- Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
- Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
- Generous paid parental leave policies (depending on your location)
- Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
- Free and confidential counseling support through our Healthy Minds program
- Career development and training opportunities
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.