Director, Privacy Compliance

New York

Saturday, 18 April 2026

This role is responsible for developing and implementing privacy risk management programs across RBC's CM & US Operations (CUSO), including Capital Markets, RBC Bank, City National Bank and US Wealth Management. You will implement comprehensive privacy compliance frameworks that meet US federal and state regulatory requirements while supporting business objectives. The role encompasses privacy program management, regulatory relationship management, and oversight of privacy risk management initiatives. You will serve as RBC's primary privacy representative to US regulators, providing expertise on CM & US privacy matters including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging state privacy laws. Reporting to the MD Data Management, you are integrated into the CUSO/CM Chief Controls Office team, which ensures the control environment operates effectively across the 1st line.

What will you do?

The Director, Privacy Risk Management – CM & US Operations leads RBC's privacy compliance framework across CM and US business segments.

Privacy Program Development and Management:
- Design, develop and implement privacy compliance programs for CM and US business segments in alignment with enterprise privacy standards.
- Conduct Privacy Risk Assessments, Supplier Risk Management Assessments, Privacy Breaches and complaints.
- Help develop and maintain privacy policies, procedures, and control frameworks.
- Collaborate with Global Privacy Office and enterprise functions to ensure consistent application of privacy standards.
- Implement privacy-by-design principles and support emerging technology governance, particularly relating to artificial intelligence and automated decision-making within CM & US Operations.

Regulatory Relationship Management:
- Serve as primary privacy representative to US regulators including FTC, CFPB, state attorneys general, and relevant federal banking regulators.
- Lead privacy-related regulatory examinations, inquiries, and enforcement discussions on behalf of CM & US Operations.

Compliance and Risk Management:
- Oversee day-to-day privacy compliance activities including data subject access requests, privacy breach incident management, and regulatory inquiries specific to CM & US Operations.
- Develop privacy metrics and reporting for senior US management on compliance effectiveness and emerging risks.

Team Leadership and Stakeholder Management:
- Lead a privacy team of up to 5 professionals with expertise in privacy regulations and financial services operations.
- Provide advisory support and privacy expertise to CM and US business segment leaders and cross-functional teams.
- Drive privacy awareness and training initiatives across CM and US Operations.
- Participate in privacy committees, governance forums, and cross-functional projects.

Cross-Functional Integration:
- Partner with US business segments to integrate privacy considerations into product development, marketing, and operational processes.
- Collaborate with Legal, Compliance, Technology, and Risk Management functions on privacy-related initiatives.
- Provide privacy expertise for US new business initiatives, system implementations, and process changes.
- Support enterprise privacy governance through US-focused reporting, metrics, and risk identification.

As a member of the Committees and Forums, the leader will contribute to the maintenance of an effective control and regulatory integration program, focusing on:
- Sharing insights, themes and findings from exams, audits and regulatory changes with stakeholders to drive awareness of changes to expectations and changes to processes, controls and behaviors.
- Enabling alignment across LODs and stakeholders on control priorities that emerge from exams, audits and regulatory changes.
- Driving efficiency through a consistent approach and process for planning for, responding to and managing operational risks.

What you need to succeed?

Required Skills:
- Bachelor's degree and professional privacy certifications with US focus (IAPP - CIPP/US required, CIPM preferred); minimum 7 years privacy and banking compliance experience; minimum 5 years experience with US privacy regulations; demonstrated experience with US regulatory relationship management.
- Leading privacy compliance programs in US financial services or similarly regulated industry.
- Deep knowledge of CM & US privacy regulatory framework including GLBA, Regulation P, CCPA/CPRA, GDPR, PIPEDA and emerging US state privacy laws.
- Direct experience with US privacy regulators including FTC, CFPB, and state enforcement agencies.
- Experience managing privacy-related regulatory examinations, enforcement actions, and remediation programs.
- Understanding of US financial services products and operations across Capital Markets, Wealth Management, and Consumer Banking.
- Experience implementing privacy controls and governance frameworks in regulatory environment.
- Knowledge of US privacy technologies including consent management and privacy rights automation platforms.

Nice to have:
- JD or advanced degree; additional US-focused certifications in data governance or financial services.
- Expertise with privacy management platforms (OneTrust, etc.)
- Knowledge of AI governance and emerging privacy technologies.
- Experience with US state privacy law implementation.

What’s in it for you?
