BIS Safety Software is a SaaS company looking for a Privacy and Compliance Analyst to support its Risk & Compliance initiatives. The ideal candidate will have 5+ years of experience in privacy, data security, compliance, and risk management, and postgraduate education in cybersecurity or a related field. The role involves executing risk and compliance initiatives, identifying and mitigating risks, building and improving frameworks, and supporting audits and assessments.
Requirements
- Execute Risk & Compliance Initiatives: Manage and deliver privacy, security, and compliance projects, ensuring alignment with organizational goals and timelines.
- Identify and Mitigate Risks: Proactively assess operational, IT, and data privacy risks, partnering with cross-functional teams to implement effective mitigation strategies.
- Build and Improve Frameworks: Develop, maintain, and enhance compliance frameworks, policies, and procedures aligned with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards.
- Support Audits and Assessments: Coordinate third-party audits (e.g., SOC 2, PCI DSS) and conduct internal assessments to ensure ongoing compliance.
- Strengthen Security Practices: Support software security improvements and contribute to initiatives that enhance controls and reduce risk exposure.
- Manage Security Incidents: Lead or support incident response activities, including investigation, documentation, communication, and remediation.
- Review and Resolve R&C Requests: Triage and respond to compliance-related tickets and inquiries, providing timely guidance and solutions to internal teams.
- Research and Apply Regulatory Standards: Stay current on privacy laws and industry requirements, translating them into practical policies and operational processes.
- Communicate and Report: Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors.
- Engage with Stakeholders: Liaise with clients, vendors, auditors, and internal teams to address compliance requirements and support ongoing initiatives.
- Deliver Training and Awareness: Support training efforts and help foster a culture of data security and compliance across the organization.
Benefits
- Employee Stock Ownership Plan (ESOP)
- Full medical, dental, and vision coverage
- Life insurance and disability insurance
- Health spending account
- Flexible working hours
- On-the-job training and growth opportunities
- Free on-site parking