What’s the opportunity?
As the Privacy Specialist, you will manage access requests, triage incidents, conduct research, develop education tools and resources, facilitate training, support operational procedures, handle day-to-day compliance with privacy obligations and ensure proper documentation of requirements. You will be responsible for operationalizing policy and procedure governance requirements, assisting with privacy impact assessments, providing Privacy by Design advice to our business lines and supporting risk management.
What you’ll get to do:
- Acts as Privacy SME/advisor for Coast Capital Group of Companies, supporting projects and business lines (as assigned), providing advice on Privacy Principles and Privacy by Design, and conducting low-risk privacy assessments.
- Processes and tracks all data subject requests.
- Tracks, assesses, and responds to privacy incidents and complaints, escalating where required due to risk. (Includes containment, management and notification if needed, training plan and HR reporting, as necessary).
- Maintains accurate record-keeping to meet regulatory requirements.
- Monitors legislative changes on OIPC/OPC sites for regulatory guidance and regulatory changes and ensures the Privacy Team and Privacy Reps are aware of any updates.
- Prepares ongoing education and training materials and communication for all Privacy Reps, including maintaining the MyCoast Page, as well as prepares continuing education and training materials for the organization
- Monitors and supports the development of internal procedures for the business units to ensure compliance with Privacy Policies/Procedures.
- Develops and optimizes Privacy Office Procedures and conducts legal and industry-specific research for the Privacy Office.
- Supports the Privacy Office with tactical implementation of privacy programs and organizational strategic initiatives, as needed.
Who are we looking for?
- High School and a Diploma in business or related areas.
- Specialized Certification/Professional Designation: CIPP/C or AAPP, CAPP or MAPP preferred
- 4 – 6 years of experience in Risk Management/Legal/Data Security may be considered.
- Problem-solving experience (e.g. conducting analysis/investigation/identifying action items). Previous experience with privacy legislation, other legislation, compliance or operational risks is an asset.
- Conceptual and practical understanding of operational risks/prevention strategies applicable to financial institutions (across all business units and channels of delivery
- Understanding of CCS operational processes and policies
- Strong ability to work with a wide variety of business software applications
- Comfortable working directly with the general public
- Comfortable handling highly confidential and sensitive information
- Strong problem-solving and decision-making skills and the ability to work autonomously
- Ability to take ownership of projects and to be a self-starter
- Strong verbal and written communication skills
- Proactive thinker to recognize risk and escalate as appropriate
- Ability to use sound judgement and make quick decisions.
- Strong ability to manage a wide variety of tasks and systems simultaneously.
- Analytical thinker with the ability to understand complex systems and policies and how they interact with standards and products, and able to make risk-based business recommendations.
- Ability to communicate legislative requirements in the form of coaching.
- Ability to communicate risk and action steps with the front line, vendors, Executive-level leaders and regulators.