[Hiring] Privacy and Compliance Analyst @BIS Safety Software

Role Description

As our dynamic and proactive Privacy and Compliance Analyst, you'll be instrumental in supporting our Risk & Compliance (R&C) initiatives, ensuring our operations align with privacy laws and industry standards. You'll work closely with various teams, providing guidance, managing projects, and facilitating risk processes to support our growth and scalability. If you are particular about the particulars, enjoy building things that didn't exist before and making the things that do exist work better, this is a strong fit.

In This Role, You Will Be Expected To:

• Execute Risk & Compliance Initiatives: Manage and deliver privacy, security, and compliance projects, ensuring alignment with organizational goals and timelines.
• Identify and Mitigate Risks: Proactively assess operational, IT, and data privacy risks, partnering with cross-functional teams to implement effective mitigation strategies.
• Build and Improve Frameworks: Develop, maintain, and enhance compliance frameworks, policies, and procedures aligned with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards.
• Support Audits and Assessments: Coordinate third-party audits (e.g., SOC 2, PCI DSS) and conduct internal assessments to ensure ongoing compliance.
• Strengthen Security Practices: Support software security improvements and contribute to initiatives that enhance controls and reduce risk exposure.
• Manage Security Incidents: Lead or support incident response activities, including investigation, documentation, communication, and remediation.
• Review and Resolve R&C Requests: Triage and respond to compliance-related tickets and inquiries, providing timely guidance and solutions to internal teams.
• Research and Apply Regulatory Standards: Stay current on privacy laws and industry requirements, translating them into practical policies and operational processes.
• Communicate and Report: Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors.
• Engage with Stakeholders: Liaise with clients, vendors, auditors, and internal teams to address compliance requirements and support ongoing initiatives.
• Deliver Training and Awareness: Support training efforts and help foster a culture of data security and compliance across the organization.

Qualifications

• 5+ years of experience in privacy, data security, compliance, and risk management.
• Postgraduate education in cybersecurity or a related field.
• Strong understanding of Canadian privacy laws and regulations.
• Experience in providing training and developing policy documents related to privacy and compliance.
• Project management experience; PMP certification is a strong asset but not required.
• Bonus points if you have a CIPP/C, CIPM, or other relevant privacy/security certifications.

Requirements

• Proactive and confident in engaging with stakeholders across various levels.
• Strong interpersonal skills with the ability to build and maintain cross-team relationships.
• Excel at evaluating, assessing, and troubleshooting complex issues.
• Thrive in dynamic environments with the ability to multitask and manage competing priorities.
• Extroverted and energized by collaborative work settings.
• Demonstrate a proactive approach to problem-solving and continuous improvement.
• Have strong proficiency in Microsoft 365, with an interest in IT and technology (IT background is an asset).

Benefits

• Employee Stock Ownership Plan (ESOP).
• Full medical, dental, and vision coverage.
• Life insurance and disability insurance.
• Health spending account.
• Flexible working hours.
• On-the-job training and growth opportunities.
• Free on-site parking.
• $75,000 - $95,000 a year.