Privacy & Compliance Manager - Laval, Canada - Altasciences

Altasciences
Altasciences
Verified Company
Laval, Canada

1 month ago

Sophia Lee

Posted by:

Sophia Lee

beBee Recruiter
Description
Your New Company

At Altasciences we all move in unison to assist and work in the discovery, development, and manufacturing of new drug therapies to get them faster to people who need them.

No matter your role, we all play an important part and you will have a significant impact on the health and well-being of people across the globe.

By living our values of Employee Development, Customer Focus, Quality and Excellence, Respect and Integrity, we look to foster a passionate and collaborative work environment and we are looking for talented and enthusiastic people, like you, to join our growing team Whether you're a recent college graduate or seeking your next career opportunity, it's time to discover your future at Altasciences.

We are better together and together We Are Altasciences.

About The Role
The Privacy & Compliance Manager plays a vital role in keeping the organization's proprietary and sensitive information secure.

They provide strategic guidance and second line of defense oversight to improve company-wide operational processes to establish, measure and improve privacy practices.

They work inter-departmentally to create, identify and correct flaws in the company's privacy program and practices, as well as being key in the company's security program and certification objectives.

The Privacy & Compliance Manager is responsible for ensuring the company's sensitive information is protected from unauthorized access. This includes both online and on-premises infrastructures.


The primary functions are to develop and manage the privacy and data protection strategy, and to be responsible for supporting information security governance, specifically related to applicable privacy regulations (including GDPR, CCPR/CCPA, Quebec Law 25, etc.) as well as assisting and guiding Altasciences in ISO 27000/NIST certification and compliance.

What You'll Do Here

  • Conduct Privacy audits to determine current state and required actions (gap analysis).
  • Develop a sustainable process to ensure effective coverage for the various Technology teams, including representation and participating in key forums (IT Policies, Standards, and Procedures.
  • Develop methodology and document processes/process flows to ensure proper identification, capture and syndication of privacy including tracking/reporting on open risks, actions, remediation plans that provide transparency into key risks.
  • Perform Privacy Impact Assessments as required.
  • Assess and analyze privacy requirements, current state environment and technology platforms to define and propose solutions both administrative and technical to meet our Privacy obligations.
  • Improve, and where needed, create our Privacy Program
  • Assess our current state against ISO and/or NIST certification requirements.
  • Maintain the Privacy Register
  • Liaison with external Sponsor and Providers on Privacy matters
  • Maintain and update or create any required Privacy Policies and procedures.
  • Review and as needed uplift existing policies and procedures regarding data privacy.
  • Ensure that local and regional privacy requirements are satisfied while driving towards consistent, rationalized processes.
  • Monitor effectiveness of, and implement improvements to, processes for capturing and actioning customer privacy preferences and choices.
  • Implementation of common privacy industry standards/regulations.
  • Ensure that any new privacy requirements are communicated to business unit management and an appropriate implementation plan is developed and executed.
  • Conduct Privacy internal audits.
  • Maintain a current knowledge of privacy laws and regulations.
  • Work with IT to implement technical solutions (e.g., Data loss Prevention, etc.).
  • Work with the business to improve Privacy practices.
  • Engage with stakeholders to drive proactive selfidentification of privacy risks, and issues.
  • Assist IT and the business in its information security compliance goals (i.e., ISO 27000/NIST).
What You'll Need to Succeed

  • Bachelor's Degree or at least 5 years equivalent work experience in a similar role.
  • Certification by IAPP or other recognized certification body.
  • Very good knowledge of GDPR (UK GDPR is also fine).
  • Knowledge of technical computer solutions and challenges.
  • Current knowledge of the main Privacy regulations.
  • Experience with the implementation of a privacy program.
  • Previous Audit experience.
  • Knowledge of information security and standards (i.e., ISO, NIST)
  • Ability to travel to various sites (approx. 20%)
  • Office is home based.
  • Excellent communication skills, both verbal and written.
  • Ability to interact with business partners at all levels of the organization to collect and document integration requirements.
  • Excellent customer service and ability to work collaboratively with others.
  • Excellent analytical and problemsolving skills.
  • Keen eye for detail and organization.
  • Ability to work effectively and independently in geographically dispersed crossfun
More jobs from Altasciences
See all jobs of Altasciences