Princess Auto is a private, Canadian-owned company employing over 3,000 Team Members, with our Home Office in Winnipeg, Manitoba. We provide hard-working Canadians with a unique assortment of tools and equipment through more than 50 stores coast-to-coast, a National Call Centre, and our online store.
Overview of the Position
Under the supervision of the Privacy Officer, the Privacy Compliance & Risk Analyst supports the Enterprise Risk team in collaboration with other key stakeholders to develop, implement, monitor and evaluate privacy operations across all areas of the business. The Privacy Compliance & Risk Analyst will have oversight of our data privacy governance model and will drive our privacy risk assessments for new projects, systems and other initiatives.
Key Accountabilities:
- Monitors compliance and manages key functions including but not limited to privacy risk assessments, data protection and concerns relating to business processes (e.g. RFP questions, audit checklists and vendor assessments and agreements)
- Provides in-depth understanding of relevant Canadian, US and international legislation (including PIPEDA and PCI DSS) and regulations that drive privacy operations and methodologies
- Evaluates current capabilities against requirements and makes recommendations to business teams and executive leadership, including the interpretation of privacy laws, government and internal policies and industry standards
- Develops and updates procedures around organizational privacy and compliance including guidance on maintaining appropriate privacy and confidentiality consents, authorization forms and other materials
- Evaluates proposed and existing systems for compliance within privacy framework set of standards. Prepares recommendations for business process changes to drive privacy compliance
- Ensures the company privacy program defines, develops, maintains, and implements policies and processes to enable consistent, effective privacy-compliant practices that minimize risk, balance operational imperatives, and ensure the confidentiality of personal information
- Oversees the process for receiving, documenting, tracking, investigating, and acting on all privacy related complaints and breaches in coordination with other similar functions and, when necessary, external legal counsel
- Maintains a registry for privacy-related updates, regulatory changes, and privacy by design technical advancements
- Supports the Enterprise Risk team in the delivery of departmental objectives
To be successful in this role, you will need:
- 5+ years’ experience in compliance and privacy program development and maintenance and/or data privacy risk management
- Certified Information Privacy Manager (CIPM) or Canadian Risk Management (CRM) designation would be considered an asset
- Broad understanding of regulatory compliance and privacy legislation such as PCI DSS, PIPEDA, GDPR, and CCPA. Advanced knowledge of information assurance technologies and principles
- Proven ability to build and maintain strong relationships with internal and external key stakeholders
- Experience managing levels of risk tolerance against risk exposure, and the ability to balance this with risk investments
- Strong analytical and problem-solving skills
- Highly ethical and able to maintain confidentiality of sensitive and proprietary information
- Excellent attention to detail with exemplary time management and communication skills
- Demonstrated ability of exercising judgment and making decisions independently
What our unique and fun world can offer you:
At Princess Auto, we strive to be unique . . . in our product selection, our Team Members and in our Leadership. We share information. We value opinions and collaboration from all our people across the company, regardless of position or scope of responsibility and work as a collective team in a supportive environment. We strive to provide Royal Service, our high standard of serving not just our customers, but each other, and it is a philosophy we embrace and demonstrate every day. In addition, our Team Members receive:
- Competitive Compensation
- Company-funded, comprehensive benefits package
- Long-term Disability coverage
- Annual Profit Sharing Plan
- Deferred Profit Sharing Plan
- Company Pension Plan
- Group RRSP
- Maternity Leave top-up plan
- Discount at our retail stores
- Free parking
- Training and professional development opportunities
- Opportunities for advancement and relocation
- Paid personal days
Accessibility
Princess Auto Ltd. will consult with all applicants requesting accommodation during the recruitment process to ensure that the accommodation provided takes into account the applicant’s individual accessibility needs.