Direct message the job poster from Data Privacy Recruitment Ltd
Hugo Brown
Senior Data Privacy & Protection Analyst
Full-time permanent position
Remote working role with visits to Ontario head offices to get up and running in the role
International large scale and well-respected logistics group
Reporting to head of data protection in Canada and working with senior data privacy and protection
Position Responsibilities may include, but not limited to:
In coordination with the designated Company’s multidisciplinary team, the Data Privacy & Protection – Senior Privacy Advisor will implement and manage the privacy program for Canada including:
Verify & ensure the application of all data protection regulations according to Canadian legislation.
Ensure the implementation of the data protection and privacy program, including, but not limited to, the development and implementation of policies, risk assessments (e.g., third party risks, confidentiality, data protection), user management, roles, and permissions, troubleshooting, onboarding, etc. Includes the identification of technologies to support the objectives of the policies and supporting risk assessments.
Build key relationships with business leaders to effectively function as a trusted advisor
Manage data subject requests to fulfilment to meet regulation deadlines.
Undertake or have performed assessments aimed at identifying risks related to data protection and confidentiality.
Advise the business and IT teams on good “Privacy by Design” practices.
Advise on and undertake due diligence and contract negotiation efforts regarding data protection and privacy. Ensure adequacy of Data Protection Agreements.
Build a privacy-first culture and comply with privacy laws by developing and delivering data protection and privacy training and awareness programs.
Develop best practice guidelines based on real situations to support the requirements of the customer while still maintaining strong data protection & privacy practices. Escalating requirement issues where needed.
Respond to questions from business colleagues on application of compliance program in applicable line of business, country(ies) or specialty area.
Participate in the development of personal data processing registers that include information processes and related third-parties, retention periods, legal bases for processing, and other pertinent information.
Develop data inventory & mapping automation through data discovery and classification.
Maintain the integrity of the business data, systems and processes at all times.
Support and provide guidance on proper practices when it relates to international data transfer assessments.
Support the enterprise-wide data protection and privacy program, ensuring that information on all media and formats is properly referenced, documented and that their conditions and retention period are clearly defined.
Manage and enforce retention policies and data deletion for all employees across the business.
Support team with handling Personal Data & Security Governance, Risk & Compliance, Security Incident Management, appropriate communication, and coordinate with investigations team wherever necessary. Includes participating in and advising on security incidents and investigations or privacy complaints and undertaking reporting and remedial actions as necessary.
Supervise and report on monitoring activities; ensure proper documentation.
Other projects or duties as assigned.
Support the enterprise-wide data protection and privacy program, ensuring that information on all media and formats is properly referenced, documented and that their conditions and retention period are clearly defined.
Manage and enforce retention policies and data deletion for all employees across the business.
Support team with handling Personal Data & Security Governance, Risk & Compliance, Security Incident Management, appropriate communication, and coordinate with investigations team wherever necessary. Includes participating in and advising on security incidents and investigations or privacy complaints and undertaking reporting and remedial actions as necessary.
Supervise and report on monitoring activities; ensure proper documentation.
Other projects or duties as assigned
Required Skills and Experience:
Bachelor’s degree in any discipline and 3-5 years of experience in managing Data Privacy issues
3-5 years of experience with PIPEDA: DPIA, Data Mapping including assessments in Records of Processing Activity and Vendor Risk Management
Excellent communication skills in both English and French - both written and verbal fluency required- Highly collaborative with outstanding communication and relationship management skills
Strong interpersonal and presentation skills with the ability to communicate succinctly and effectively across all levels of the organization
Experience using project management tools or similar
Experience developing and deploying project management best practices, procedures, and processes
Experience as a OneTrust administrator desirable
This job requires the ability to travel 10% on an annual basis
Preferred Skills and Experience:
Professional certification in information privacy/protection (i.e., CIPP/C; CIPM; CIPT) is
OneTrust
Tenacity, determination, rigor, ability to lead audits, document and follow up on fixes until the objectives defined by the company are reached
Good communication and advanced writing and presentation skills
Strong organization skills
Ability to work with autonomy
Excellent interpersonal skills
Ability to nurture internal relationships
Experience drafting privacy notices; managing data incidents; leading Privacy Impact Assessments; negotiating contracts; leading regulatory change management programs; drafting policies and procedures
Exposure to other global Data Protection laws (ex: CPRA, LGPD, GDPR, HIPAA)
Enjoys working in an international team environment with different cultures
For more information, please get in contact.
Data Privacy Recruitment Ltd
Recruitment services for privacy/data protection practitioners and lawyers