With $171.4 billion in assets as of December 31, 2015, the Ontario Teachers’ Pension Plan is the largest single-profession pension plan in Canada. An independent organization, it invests the pension fund’s assets and administers the pensions of 316,000 active and retired teachers in Ontario.
This Compliance Analyst role will support the implementation of the Compliance operating model and the advancement of the information security program maturity. The Compliance Analyst will assist with all the activities related to the development, implementation, maintenance and adherence to Teachers’ privacy policies and procedures, and administering certain aspects of OTPP’s data loss prevention program. The Compliance Analyst will assist with activities relating to the Code of Conduct compliance program, and will administer the regulatory change management process.
• Supports build out of the Privacy Compliance Program.
• Maintains privacy compliance databases for receiving, documenting, tracking and investigating privacy related complaints, incidents and inquiries.
• Conducts privacy related research as assigned.
• Facilitates and promotes initiatives to foster information privacy awareness within Teachers’ that support overall strategy.
• Facilitates ongoing privacy impact assessments and privacy risk analysis reviews.
• Supports the Director, Privacy Compliance in the development, refinement, documentation, implementation, monitoring, and testing of privacy compliance policies, procedures and controls.
• Liaises with stakeholders to ensure the integration of privacy controls into daily workflow. Periodically reviews workflow to validate controls.
• Evaluates third party service providers’ compliance with privacy controls and other contractual obligations.
• Supports Director, Privacy Compliance with privacy compliance projects as assigned.
Data Loss Prevention
• Performs daily data loss prevention monitoring.
• Identifies data loss prevention issues and presents timely recommendations to address such issues within tight timelines.
• Maintains data loss prevention databases for tracking data loss incidents.
• Prepares data loss prevention metrics on an ad hoc basis and for reporting to the Information Security Steering Committee.
• Coordinates all aspects of a data loss investigation (research, contact, escalation, follow-up, reporting), often on short notice.
• Provides accurate and timely responses to inquiries from the Information Security Operations team.
• Prepares and delivers data loss prevention training to various stakeholders.
• Supports the development, refinement, documentation, implementation, monitoring, and testing of data loss prevention policies, procedures and controls.
• Assists Director, Privacy Compliance with data loss prevention projects as assigned.
Code of Conduct
• Supports the Code of Conduct compliance program including onboarding and off-boarding related activities, tracking of training, and semi-annual certification process.
Regulatory Change Management
• Supports the administration of the regulatory change management process.
Job ID #: 371
Closing Date: December 28, 2016