Associate Director, Data Privacy & Protection - Rockville, MD

We Work to Protect Investors. Join our Team.

The Financial Industry Regulatory Authority (FINRA) is seeking a well-qualified individual for our Associate Director, Data Privacy & Protection opening in Rockville, MD. To be considered for this position, please submit your resume through our career site at - no phone calls, please.

Job Summary:

Manages the Data Privacy and Protection Information Security Program and serves as liaison between FINRA departments and the Data Privacy and Protection office in identifying and mitigating risk in processes and procedures, managing incident identification and resolution, and appropriately identifying and classifying sensitive FINRA data. Acts as a policy liaison between business users and the Technology Department to ensure there is alignment between business data needs and Technology data policies. Serves as primary manager on company-wide Data Privacy initiatives, including Privacy Impact Assessments and Data Minimization efforts.

Essential Job Functions:

  • Manage the day-to-day operations regarding incident identification and resolution, providing guidance on identifying and classifying sensitive FINRA data, and recommending procedures to safeguard FINRA information from potential loss.
  • This responsibility includes interactions with staff at all levels, investigating facts surrounding incidents and breaches, documenting resolution of incidents or breaches, identifying and recommending mitigation activities, and communicating with managers, HR, Insider Risk, Technology, IA and other internal risk mitigation partners as appropriate.
  • As directed by the Chief Privacy Officer & Associate General Counsel (CPO & AGC), amend, draft, and enhance FINRA's corporate privacy and information security program to meet operational and legal requirements and communicate requirements to staff.
  • Serve as management escalation point to address data privacy, risk issues raised by internal constituents including senior-level management. In addition, serve as primary contact for referrals from internal constituents on potential information breaches.
  • Manage the development and implementation of department-level privacy guidelines that add specific procedures for staff to follow.
  • Serve as project manager for FINRA's Privacy Impact Assessment (PIA) initiatives to include creating and implementing processes for the assessment and mitigation of data handling risks by both vendor and in-house systems and applications.
  • The PIA initiative requires the development and execution of detailed project plans, frequent communication and coordination with other internal stakeholders and interaction with technical teams to ensure satisfaction of all requirements for successful project completion.
  • Serve as project manager for FINRA's Data Mapping and Minimization project by collaborating with senior department leaders to assess and prioritize activities, developing and executing a detailed project plan, collaborating with internal stakeholders and briefing status to FINRA leadership. Develop and implement solutions to ensure data-mapping effort remains current and functional.
  • Interact with all staff and management levels on risk identification and provide appropriate mitigation of matters.
  • Escalate items to CPO & AGC as necessary, including trends that are affecting multiple business lines in FINRA and any legal implications.
  • Prepare and deliver briefings/presentations to senior management, Information Managers, and Information Owners on developments affecting their departments or new procedures implemented to safeguard FINRA from exposure.
  • Develop and implement metrics to measure effectiveness of program and departmental compliance.
  • Serve as backup for the CPO & AGC, as needed.

Other Responsibilities:
  • Other duties as assigned to ensure continued FINRA and staff compliance with evolving privacy and information security standards and policies.

Education/Experience Requirements:

  • Minimum of a bachelor's degree or equivalent experience plus at least 8 years work experience with 5 years of experience in privacy, information security policy, information management or a directly related field.
  • Extensive experience in data or information policy, preferably in financial services regulation, compliance or a non-profit environment.
  • Expert understanding of privacy and data security policies and operations.
  • Extensive experience in project management. Experience managing and conducting privacy impact assessments and/or data minimization efforts a plus.
  • Strong interpersonal and leadership skills.
  • Demonstrated communication, management, negotiation, decision-making and collaboration skills. CIPP/US or CIPM preferred.

Working Conditions:

  • Work is normally performed in an office environment and involves the use of a computer.
  • Occasional travel required.
  • Extended hours frequently required.

To be considered for this position, please submit a cover letter and resume. A writing sample may be required as part of the submission.

The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.

Please note: If the "Apply Now" button on a job board posting does not take you directly to the FINRA Careers site, enter into your browser to reach our site directly.

FINRA strives to make our career site accessible to all users. If you need a disability-related accommodation for completing the application process, please contact FINRA's accommodation help line at 240.386.4865. Please note that this number is exclusively for inquiries regarding application accommodations.

In addition to a competitive salary, comprehensive health and welfare benefits, and incentive compensation, FINRA offers immediate participation and vesting in a 401(k) plan with company match. You will also be eligible for participation in an additional FINRA-funded retirement contribution, our tuition reimbursement program and many other benefits. If you would like to contribute to our important mission and work collegially in a professional organization that values intelligence, integrity and initiative, consider a career with FINRA.

Important Information

FINRA's Code of Conduct imposes restrictions on employees' investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. All of those accounts are subject to the Code's investment and securities account restrictions, and new employees must comply with those investment restrictions (including disposing of any security issued by a company on FINRA's Prohibited Company List or obtaining a written waiver from their Executive Vice President) by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.

As standard practice, employees must also execute FINRA's Employee Confidentiality and Invention Assignment Agreement without qualification or modification and comply with the company's policy on nepotism.


FINRA is an independent, non-governmental regulator for all securities firms doing business with the public in the United States. FINRA works to protect investors and maintain market integrity in a public-private partnership with the Securities and Exchange Commission (SEC), while also benefiting from the SEC's oversight. In its role as investor guardian, FINRA is informed, but not influenced, by the industry that it regulates. FINRA's independent regulation plays a critical role in America's financial system-all at no cost to taxpayers.

FINRA touches virtually every aspect of the securities business-from registering and educating industry participants to examining securities firms; writing rules; enforcing those rules and the federal securities laws; informing and educating the investing public; providing trade reporting and other industry utilities; and administering the largest dispute resolution forum for investors and registered firms. FINRA uses technology powerful enough to look across markets and detect potential abuses. Using a variety of data gathering techniques, we work to detect insider trading and any strategies firms or individuals use to gain an unfair advantage.

In today's fast-paced and complex global economy, FINRA is a trusted advocate for investors, dedicated to keeping the markets fair and proactively addressing emerging regulatory issues before they harm investors or the markets. FINRA operates from Washington, DC, and New York, NY, with other offices around the country.

Find out more about us and how we work-and view our current openings-at .

Search Firm Representatives

Please be advised that FINRA is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, a valid written agreement and task order must be in place before any resumes are submitted to FINRA. All resumes submitted by search firms to any employee at FINRA without a valid written agreement and task order in place will be deemed the sole property of FINRA and no fee will be paid in the event that person is hired by FINRA.

FINRA is an Equal Opportunity and Affirmative Action Employer

All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal, state or local laws as appropriate, or upon the protected status of the person's relatives, friends or associates.

FINRA abides by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.

FINRA abides by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.

©2018 FINRA. All rights reserved. FINRA is a registered trademark of the Financial Industry Regulatory Authority, Inc.
