Privacy and Compliance Analyst

Canada·Alberta,Sherwood Park,Sherwood ParkFull-timemid

Finance & AccountingOtherCompliance Analyst

0 views0 saves0 applied

Apply Now

Quick Summary

Requirements Summary

Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors. Engage with Stakeholders: Liaise with clients, vendors, auditors,

Technical Tools

Finance & AccountingOtherCompliance Analyst

BIS Safety Software is a SaaS company on a mission to change how organizations manage safety, learning, and compliance. Since 2006, we've been building an innovative software solution in a space where trust and data integrity matter. As we grow, so does the need to strengthen how we manage risk, protect client data, and meet evolving regulatory standards. We are expanding our team and are looking to add a Privacy and Compliance Analyst, who excels in risk management and compliance.

About the Role

As our dynamic and proactive Privacy and Compliance Analyst, you'll be instrumental in supporting our Risk & Compliance (R&C) initiatives, ensuring our operations align with privacy laws and industry standards. You'll work closely with various teams, providing guidance, managing projects, and facilitating risk processes to support our growth and scalability. If you are particular about the particulars, enjoy building things that didn't exist before and making the things that do exist work better, this is a strong fit.

This is an in-person role based out of our Sherwood Park, AB office.

Execute Risk & Compliance Initiatives: Manage and deliver privacy, security, and compliance projects, ensuring alignment with organizational goals and timelines.

Identify and Mitigate Risks: Proactively assess operational, IT, and data privacy risks, partnering with cross-functional teams to implement effective mitigation strategies.

Build and Improve Frameworks: Develop, maintain, and enhance compliance frameworks, policies, and procedures aligned with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards.

Support Audits and Assessments: Coordinate third-party audits (e.g., SOC 2, PCI DSS) and conduct internal assessments to ensure ongoing compliance.

Strengthen Security Practices: Support software security improvements and contribute to initiatives that enhance controls and reduce risk exposure.

Manage Security Incidents: Lead or support incident response activities, including investigation, documentation, communication, and remediation.

Review and Resolve R&C Requests: Triage and respond to compliance-related tickets and inquiries, providing timely guidance and solutions to internal teams.

Research and Apply Regulatory Standards: Stay current on privacy laws and industry requirements, translating them into practical policies and operational processes.

Communicate and Report: Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors.

Engage with Stakeholders: Liaise with clients, vendors, auditors, and internal teams to address compliance requirements and support ongoing initiatives.

Deliver Training and Awareness: Support training efforts and help foster a culture of data security and compliance across the organization.

Proactive and confident in engaging with stakeholders across various levels

Strong interpersonal skills with the ability to build and maintain cross-team relationships

Excel at evaluating, assessing, and troubleshooting complex issues

Thrive in dynamic environments with the ability to multitask and manage competing priorities

Extroverted and energized by collaborative work settings

Demonstrate a proactive approach to problem-solving and continuous improvement

Have strong proficiency in Microsoft 365, with an interest in IT and technology (IT background is an asset).

5+ years of experience in privacy, data security, compliance, and risk management.

Postgraduate education in cybersecurity or a related field.

Strong understanding of Canadian privacy laws and regulations.

Experience in providing training and developing policy documents related to privacy and compliance.