Job Posting : Data Protection and Risk Officer
Position Title : Data Protection and Risk Officer
Reporting to : EVP Organizational Performance, Culture & Strategy
Department : Operations
Job Summary
We are seeking a highly skilled and experienced Data Protection and Risk Officer to join our
team. Reporting to the EVP of Organizational Performance, Culture, and Strategy, you will
be a key member of the Operations department, which includes GRC, HR, and Program
Management teams. Your primary responsibility will be to lead our data protection and
risk management program, ensuring compliance with global regulations and best practices.
You will work closely with various teams, including Sales, HR, Engineering and
IT / DevOps / SecOps / CloudOps to advise on compliance matters, implement and monitor IT
compliance activities, and foster a culture of security and privacy throughout the
organization.
Responsibilities
develops, maintains and implements policies and processes that enable consistent,
effective information security practices which minimize risk and ensure the
integrity, confidentiality and availability of information that is owned, controlled
and processed within Explorance
within the organization
behavioral changes for the business
to mitigate risk as necessary
controls needs are addressed
Serve in a leadership and functional role for security compliance
privacy compliance programs including policies, practices and investigations, and
acts as the point of contact for the information systems and compliance
departments
mitigation and remediation. Responsible for development and implementation of
security risk management plan
activity is appropriate. Such activity would include, but is not limited to, logons and
logoffs, file and system access
confidentiality and Privacy statements
workforce
within the organization and related entities
monitoring of all business agreements, to ensure security concerns, requirements,
and responsibilities are addressed
which may result in a privacy breach.
well as certification requirements and accreditation standards.
questions and issues
SOC reports reviews or other control assurance reports
Professional Experience / Qualifications
Management or a related IT security certification such as CISSP, CISM, CISA, CCSP
ISO , OWASP
PIPEDA, FERPA, GDPR, FedRAMP
controls testing ( SOC), and industry technology risk management frameworks, as well as familiarity with SDLC and Project Management methodologies
Additional Requirements
presentation skills
goals.
Continuity compliance
Data Protection and Risk Officer • Montreal, Quebec