Avp, Privacy - Toronto, Canada - Foresters Financial Services, Inc.

Foresters Financial Services, Inc.

Verified Company

Toronto, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Career Opportunity

Role Title

AVP, Privacy & Compliance (Maternity Leave - 12 Month Contract)

Purpose of role

Reporting directly to the Chief Compliance Officer, this contract position will be responsible for maintaining robust enterprise-wide privacy, cybersecurity, and AI/model risk compliance (collectively, "privacy") programs that ensures Foresters adheres to sound and effective privacy and data management practices and complies with the many legal and regulatory obligations applicable to the collection, use, disclosure and retention of personal data in North America.

This position is also responsible for management and/or execution on day-to-day privacy risk management activities, including updating privacy policies and related privacy documentation, incident /breach management, training, privacy impact assessments, compliance reviews and reporting in accordance with applicable laws.

Job Description:

Key Responsibilities

Oversee a team of privacy compliance professionals to maintain an enterprisewide privacy program for a business operating in Canada, and the US, implements privacyrelated policies, compliance frameworks, processes, risk assessments, training, and ongoing compliance monitoring for the business.
Champion privacy efforts at Foresters across business lines.
Advise business lines of privacy risks for new / changing initiatives and work with the business lines to manage those risks, including conducting privacy impact assessments.
Work with IT and Information Security teams to ensure that security practices are consistent with privacy compliance requirements.
Stay abreast of applicable (Canada, US) privacy laws, regulations, trends, best practices, and accreditation standards.
Lead and support privacy reporting to Chief Compliance Officer and relevant stakeholders and business lines.
Oversee the delivery of privacy training and communications to ensure employees are wellinformed on key privacy issues.
Potentially serve as the external point of contact with privacy regulators with regard to potential privacy breaches and/or privacy related complaints.
Develop and maintain and/or execute processes to identify and address evolving privacy and data protection risks inherent in Foresters operations and in the development of new products/services.
Support the oversight of team members.
Initiate, facilitate and promote activities to foster information privacy awareness.
Work with legal counsel, management and internal stakeholders to ensure Foresters maintains appropriate privacy consents, authorizations, notices and materials reflecting current organizational and legal practices and requirements.
Contribute to the maintenance of a comprehensive incident response plan and ensure emerging privacy incidents / breaches are appropriately assessed and managed to resolution.
Support other Compliance team initiatives as required
Represent Foresters and attend various industry groups and /or committees to keep abreast of regulatory developments.

Key Qualifications

Law degree with minimum of 5+ years of directly related work experience in privacy, data protection/ data governance, or minimum of 8+ years of directly related privacy compliance work experience for USA and/or CAN
Experience in a compliance or risk management role in insurance, technology and/or regulated industries is an asset
CIPP, CIPM or similar professional designation is an asset
Well versed with private sector Canadian federal and provincial privacy laws and solid working knowledge of US privacy laws and privacy trends. Knowledge of UK Data Protection Act, as well as US state and federal privacy laws impacting life insurers is an asset
The ability to implement c practical approaches to privacy.
Familiarity with privacy issues in relation to digital /technology (e.g., mobile, cloud, data lakes, analytics, etc.)
Knowledge of information technology / information security concepts and processes that impact the protection of personal information is an asset
Ability to distill complex and often ambiguous legal concepts into effective operational solutions
Excellent collaboration and communications skills (oral, written, presentation), ability to build relationships, engage and influence others. Must be comfortable communicating with individuals at all levels of the organization.
Practices sound judgement; a high level of integrity and trust.
Strong analytical and problemsolving skills to interpret complex regulatory and/or legal concepts, diagnose challenges and issues and develop action plans and innovative business solutions.
Ability to gather information on complex issues and situations, systematically analyze and develop into a workable solution, considering various elements including risk and cost.
Ability to assess alternatives for short and long term impacts and act decisively and evaluate privacy and regulatory risks associated with business operations and make re