CIT Group Inc.

VP, Privacy Compliance

Location US-CA-Pasadena
Job ID
# Positions
Job Family
Compliance - Bank/Privacy


CIT is a leading national bank focused on empowering businesses and personal savers with the financial agility to navigate their goals. CIT Group Inc. (NYSE: CIT) is a financial holding company with over a century of experience and operates a principal bank subsidiary, CIT Bank, N.A. (Member FDIC, Equal Housing Lender). The company's commercial banking segment includes commercial financing, community association banking, middle market banking, equipment and vendor financing, factoring, railcar financing, treasury and payments services, and capital markets and asset management. CIT's consumer banking segment includes a national direct bank and regional branch network. Discover more at


The VP Privacy is responsible for the development and execution of CIT’s privacy program and coordinating with business functions to meet these obligations. A successful candidate will be knowledgeable on a range of Privacy topics and skilled at driving execution with cross-functional business teams.

The VP, Privacy position is responsible for the following:
• Understanding the applicable data and privacy laws and regulations that apply to the Company and advising on those requirements;
• Assists in the development, implementation and maintenance of the Company’s Privacy Policy and other related policies to protect personal information and other information belonging to an individual, as defined and required by Sections 501(a) of the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA), Children’s Online Privacy Protection Act, CAN-SPAM, and other relevant privacy laws and regulations;
• Promoting awareness of, and compliance with, privacy requirements, and working cross-functionally with the first line of defense to implement privacy policies and to ensure that the appropriate privacy protections are in place;
• Overseeing the adequacy of privacy controls within consumer-facing business lines;
• Supporting the development of the required notices and disclosures and working with the business teams to ensure that they are distributed as required by law;
• Working with the marketing teams to ensure customer marketing choices are presented and applied in appropriate channels;
• Assisting the consumer businesses in the development of effective privacy procedures and conducting periodic reviews of the procedures when necessary;
• Supporting the development and completion of inherent risk questionnaires and control guidance in support of the Company’s annual risk assessment process;
• Coordinating and working with the consumer businesses to complete Privacy Impact Assessments, where necessary;
• Supporting triage efforts when unencrypted personally identifiable information is compromised and make any determinations on breach notification with the Law Department; and
• Supporting the development of the framework and content of the Company’ Privacy Program training.


• Demonstrated leadership, collaboration, teamwork and problem-solving skills which have resulted in exceeding goals and targets;
• Demonstrated skills in verbal communication and listening;
• Excellent writing skills;
• A high level of integrity and trust; and
• Extensive familiarity with regulations related to the financial services industry, including the protection of customer information.

Education & Experience:

• At least 5 years' experience in the privacy profession with an in-depth knowledge of privacy and data security laws, including, but not limited to, the Gramm-Leach-Bliley Act, California Consumer Privacy Act, Health Insurance Portability and Accountability Act, the Children’s Online Privacy Protection Act and CAN-SPAM;
• Law degree and/or graduate degree in general business, public policy, or regulatory compliance;
• Must have the technical knowledge of how and why information is collected, stored, and used by the company. This includes knowledge of IT systems, data flows, and other relevant technical skills;
• Must be able to successfully navigate between functions such as Audit, Compliance, Legal and IT; and
• CIPP certification preferred.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed