Manager, Data Protection and Information Security

Montréal, Canada
mardi 15 mai 2018
Date limite
dimanche 10 juin 2018
Temps Plein

Manager, Data Protection and Information Security

Group:  Legal Affairs
Reports to:  Director, Legal Affairs
Location:  WADA Headquarters, Montreal, Canada

Job Function 

   The responsibilities of the Data Protection and Information Security Manager (DPISM) include; advising on WADA’s compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada and the European Union’s new General Data Protection Regulation (GDPR), as well as local data protection laws; monitoring our adherence to PIPEDA/GDPR standards; and acting as a point of contact with relevant authorities. You will also create policies that enforce compliance with legislation and deliver training to our staff to increase awareness of data protection measures.
To be successful in this newly created role, you should have in-depth knowledge of PIPEDA, GDPR and relevant local data protection laws and be familiar with our industry and the nature of its data processing activities. You should also know how to perform audits to our current procedures.
Ultimately, you will facilitate GDPR/PIPEDA compliance through transparent data protection policies, systems and procedures.

Key Functions

• Act as point of contact with Canadian, Swiss, European Union and other relevant supervisory authorities and internal teams;
• Be accountable for progressive integration of the global information security function to enable secure delivery of services to our stakeholders, protection of all data under our care and expert consultation on the management of risk.
• Develop and maintain an in-depth understanding of processes, systems, technologies, data, stakeholders and partners;
• Partner with WADA Compliance, IT, HR, Legal resources to achieve effective working relationships that can further the effectiveness of the Security program and ensure privacy by design at all levels;
• Identify and evaluate the organization’s data processing activities;
• Provide advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs);
• Provide advice on the evolution of WADA’s International Standard for the Protection of Privacy and Personal Information (ISPPPI);
• Monitor data management procedures and compliance within WADA;
• Proactively identify non-conformities and areas of potential improvement and facilitate the development of pragmatic solutions to address issues;
• Maintain records of processing operations;
• Ensure we address all queries from data subjects within legal timeframes (e.g. delete their information from our databases);
• Liaise with other organizations that process data on our behalf;
• Write and update detailed guides on data protection policies;
• Perform privacy audits and determine whether we need to alter our procedures to comply with regulations;
• Offer consultation on how to deal with privacy breaches;
• Arrange for training on PIPEDA and GDPR compliance for employees;
• Follow up with changes in privacy and data security law and issue recommendations to ensure compliance;

Profile – Knowledge, Skills & Abilities

• Minimum BSc in Law or relevant field;
• Minimum 5 years’ experience in a data protection and legal compliance role;
• Solid knowledge of GDPR and PIPEDA and national data protection laws;
• Bilingual, French and English, both oral and written skills;
• Additional language skills an asset;
• Knowledge of data processing operations in WADA’s sector of business is preferable;
• Familiarity with computer security systems;
• Ability to handle confidential information;
• Ethical, with the ability to remain impartial and report all non-compliances;
• Very precise and detail-oriented;
• Very good organizational skills;
• Very good analytical skills;
• Very good drafting skills;
• Some travel required.
• Periodic evening and/or weekend work expected.
• Fit with culture and organization values e.g. teamwork, team spirit and love of sport.