Privacy and Compliance Analyst

This is a fully remote position, open to applicants in Canada.

📋 Description

• Execute Risk & Compliance Initiatives: Oversee and implement privacy, security, and compliance projects, ensuring they align with the organization's objectives and timelines.

• Identify and Mitigate Risks: Proactively evaluate operational, IT, and data privacy risks, collaborating with cross-functional teams to establish effective risk mitigation strategies.

• Build and Improve Frameworks: Create, maintain, and refine compliance frameworks, policies, and procedures in accordance with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards.

• Support Audits and Assessments: Organize third-party audits (e.g., SOC 2, PCI DSS) and perform internal assessments to guarantee ongoing compliance.

• Strengthen Security Practices: Assist in enhancing software security and contribute to initiatives aimed at improving controls and minimizing risk exposure.

• Manage Security Incidents: Lead or assist with incident response activities, including investigation, documentation, communication, and remediation efforts.

• Review and Resolve R&C Requests: Prioritize and respond to compliance-related inquiries and tickets, offering timely guidance and solutions to internal teams.

• Research and Apply Regulatory Standards: Remain up-to-date on privacy laws and industry requirements, translating them into actionable policies and operational procedures.

• Communicate and Report: Create clear and accurate compliance documentation and reports for internal stakeholders, clients, and auditors.

• Engage with Stakeholders: Collaborate with clients, vendors, auditors, and internal teams to address compliance needs and support ongoing initiatives.

• Deliver Training and Awareness: Assist in training initiatives and promote a culture of data security and compliance throughout the organization.

⛳️ Requirements

• Over 5 years of experience in privacy, data security, compliance, and risk management.

• Advanced education in cybersecurity or a related discipline.

• In-depth knowledge of Canadian privacy laws and regulations.

• Experience in training delivery and developing policy documents related to privacy and compliance.

• Experience in project management; PMP certification is a valuable asset but not mandatory.

• Additional qualifications such as CIPP/C, CIPM, or other relevant privacy/security certifications are a plus.

🏝️ Benefits

• Employee Stock Ownership Plan (ESOP)

• Comprehensive medical, dental, and vision coverage

• Life and disability insurance

• Health spending account

• Flexible working hours

• On-the-job training and professional growth opportunities

• Complimentary on-site parking