Privacy and Compliance Analyst at bis

BIS Safety Software is a SaaS company on a mission to change how organizations manage safety, learning, and compliance. Since 2006, we've been building an innovative software solution in a space where trust and data integrity matter. As we grow, so does the need to strengthen how we manage risk, protect client data, and meet evolving regulatory standards. We are expanding our team and are looking to add a Risk and Compliance Team Lead who excels in risk management and compliance.   About the Role You'll lead a small team, set priorities, and build the frameworks and processes that keep our business, our clients, and our data protected. This role sits at the intersection of security, privacy, and operations - working across teams to identify risks, close gaps, and ensure our software meets the standards our clients depend on. This is a hands-on leadership role. You'll set direction for the function while staying close to the work, and you'll have real influence over how compliance and risk management grow at BIS. If you are particular about the particulars, enjoy building things that didn't exist before and making the things that do exist work better, this is a strong fit. This is an in-person role based out of our Sherwood Park, AB office.  In This Role, You Will Be Expected To: • Execute Risk & Compliance Initiatives: Manage and deliver privacy, security, and compliance projects, ensuring alignment with organizational goals and timelines. • Identify and Mitigate Risks: Proactively assess operational, IT, and data privacy risks, partnering with cross-functional teams to implement effective mitigation strategies. • Build and Improve Frameworks: Develop, maintain, and enhance compliance frameworks, policies, and procedures aligned with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards. • Support Audits and Assessments: Coordinate third-party audits (e.g., SOC 2, PCI DSS) and conduct internal assessments to ensure ongoing compliance. • Strengthen Security Practices: Support software security improvements and contribute to initiatives that enhance controls and reduce risk exposure. • Manage Security Incidents: Lead or support incident response activities, including investigation, documentation, communication, and remediation. • Review and Resolve R&C Requests: Triage and respond to compliance-related tickets and inquiries, providing timely guidance and solutions to internal teams. • Research and Apply Regulatory Standards: Stay current on privacy laws and industry requirements, translating them into practical policies and operational processes. • Communicate and Report: Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors. • Engage with Stakeholders: Liaise with clients, vendors, auditors, and internal teams to address compliance requirements and support ongoing initiatives. • Deliver Training and Awareness: Support training efforts and help foster a culture of data security and compliance across the organization. You Might Be the Right Fit If You: • Proactive and confident in engaging with stakeholders across various levels • Strong interpersonal skills with the ability to build and maintain cross-team relationships • Excel at evaluating, assessing, and troubleshooting complex issues • Thrive in dynamic environments with the ability to multitask and manage competing priorities • Extroverted and energized by collaborative work settings • Demonstrate a proactive approach to problem-solving and continuous improvement • Have strong proficiency in Microsoft 365, with an interest in IT and technology (IT background is an asset). Qualifications we are looking for: • 5+ years of experience in privacy, data security, compliance, and risk management. • Postgraduate education in cybersecurity or a related field. • Strong understanding of Canadian privacy laws and regulations. • Experience in providing training and developing policy documents related to privacy and compliance. • Project management experience; PMP certification is a strong asset but not required. • Bonus points if you have a CIPP/C, CIPM, or other relevant privacy/security certifications Compensation and benefits: • Employee Stock Ownership Plan (ESOP) • Full medical, dental, and vision coverage • Life insurance and disability insurance • Health spending account • Flexible working hours • On-the-job training and growth opportunities • Free on-site parking About BIS:   BIS Safety Software has been headquartered in Sherwood Park, Alberta, since 2006. We build software that helps organizations manage safety training, learning, and compliance - and we’re growing!   A few things that make us different: we don’t use job titles internally - we value humility and contribution over hierarchy. We move fast, integrate new ideas quickly, and give people real ownership of their work. And through our Employee Stock Ownership Plan (ESOP), you have the opportunity to own a piece of the company you’re helping build.   How to apply:   Visit our Careers Page for more information. We sincerely thank all applicants for their interest. Only those selected for interviews will be contacted.   We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us   Job ID #L202603-26CRC