Senior Privacy Specialist to identify and address privacy requirements and support privacy compliance and risk management.

Job Type: Contract
Positions to fill: 1
Start Date: Oct 02, 2023
Job End Date: Jun 02, 2024
Pay Rate: Hourly: $ 92 - $ 105
Job ID: 132668
Location: Toronto

Our Client in the Energy and Utilities industry is seeking a Senior Privacy Specialist to identify and address privacy requirements and support privacy compliance and risk management.

Location: Remote with periodic in person meetings at Oakville

Duration: 9-month Contract with potential to hire.

The client is looking for a practical, solutions-oriented specialist with deep experience working with internal stakeholders to identify and address privacy requirements. The position is part of their Information Governance and Privacy (IGP) function which reports into the VP, Compliance and Ethics and is part of the Compliance and Risk Office.

Key Deliverables

  • Work with internal stakeholders including business and IT teams to develop and support the implementation of privacy requirements and solutions (e.g., designs, training, consent statements, policies) for a diverse range of initiatives including IT projects.
  • Perform privacy risk assessments on company initiatives and third parties and support the development and implementation of risk management plans.
  • Report on, and track recommendations/issues raised during privacy initiatives including risk assessments.
  • Undertake or support privacy operational activities such as incident management.
  • Conduct research and environmental scanning on privacy controls and emerging trends.
  • Support IGP projects and function maturation activities, e.g., assist with developing privacy policies and practices.
  • Develop strong relationships with stakeholders and foster a culture of privacy protection.

Must Haves: 

  • Minimum 5 years’ experience conducting privacy risk assessments, developing and implementing privacy solutions, privacy requirements, risk mitigation plans, corporate policies and developing and/or delivering training content.
  • 5 years’ work experience interpreting and applying privacy laws and requirements (particular interest in: US, Canada)
  • Experience assessing the design and operational effectiveness of internal controls.
  • Demonstrated experience in designing, implementing and operating privacy, security, compliance, and regulatory risk management practices and functions.
  • Good understanding of related disciplines, such as IT system design, policy development (privacy, information governance, compliance or security), business architecture, legal processes, business analysis, risk management, project management and compliance management
  • Knowledge of IT concepts, processes and solutions that impact the protection of personal information, including Internet tools, system interfaces, information security, information architecture, data flows and cloud services.

Nice to haves:

  • Interpreting and applying privacy laws and requirements (particular interest in: Europe, Bermuda, Chile)
  • Experience working in the energy and utilities sector.
  • International Association of Privacy Professionals (IAPP) certifications preferred.