Director, Enterprise Privacy

About Symcor

Symcor enables secure data exchanges and supporting business processes, to help clients succeed in an evolving digital world. Trusted by Canada's largest institutions for over 25 years to support their digital transformations, Symcor aligns industry participants to solve common challenges in the most effective and efficient way.

**The Opportunity**:
As the Director, Enterprise Privacy, you will lead Symcor’s Enterprise Privacy Program within our Data & Trust Office. This role will be responsible for the development and enhancement of policies, risk practices, methodologies, and tools. You will partner with senior stakeholders across Symcor including Legal, Information Security, Enterprise Risk Management, Information Technology, Human Resources, and our Lines of Service to enable their data use cases, ensure changing regulatory and consumer expectations are reflected throughout Symcor’s operations and position Symcor’s Enterprise Privacy Program as a leader in this space that fosters trust in our practices.

**About The Role**:

- Maintain and enhance the enterprise privacy strategy, policies, procedures, and control standards, ensuring changes in regulation, consumer expectation and the operating environment are adequately reflected.
- Conducts appropriate risk assessments on new initiatives and vendors that contemplate the collection, use and disclosure of personal information.
- Lead the management of incident and breach remediation.
- Liaise with privacy regulators as directed by the VP, Privacy & Data Governance.
- Ensure the program is developed in-line with appropriate recognized standards and can be audited.
- Respond to client requests regarding aspects of the Symcor privacy program.
- Produce quarterly analysis and reporting on the state of privacy risk management across Symcor, evolving privacy risk appetite metrics, key performance indicators and key risk indicators, ensuring they remain relevant and well calibrated.
- Support demonstrable good governance of the program, working alongside risk stewards and lines of business to ensure robust privacy risk oversight practices and controls are in place; and
- Lead strategic initiatives, including in relation to emerging technologies and partnering with senior stakeholders across the organization.
- Initiates and designs policies, guidelines and procedures to drive privacy compliance across the enterprise. Areas of scope include privacy/record retention/CASL across the enterprise.
- Conduct privacy training as required.
- Manages the implementation of privacy/records retention and CASL compliance programs, systems and training.
- Initiates cross-functional efforts to drive organizational alignment and ensure compliance with privacy obligations.
- Manages the development and implementation of cross-functional compliance risk identification, monitoring and assessment procedures. Conducts and directs assessments to identify required compliance strategies and action plans for review with cross-functional teams and provide feedback and recommendations for process controls or policy improvements.
- Develops external relationships and alliances strengthening the company’s reputation within compliance community and leads regulatory outreach meetings, ensuring that the company’s compliance programs, policies, procedures and reports are communicated in a persuasive, accurate and understandable way and that sensitive data is protected. Monitors emerging compliance requirements, including new regulations, and develops strategies to respond to compliance risks.

**What You Need To Succeed**:
**Education**:

- University degree in law, business, finance, or a related field.
- Privacy Accreditation (IAPP).

**Experience**:

- Must have at least 8 to 10 years of experience in Privacy, Compliance, Legal, Audit and/or Enterprise Risk.

**Skills**:

- Expertise in privacy, regulatory compliance and regulatory risk management practices.
- Experience in senior roles within regulated institutions.
- Strong people management skills and a commitment to coaching and development.
- Ability to work cross-functionally with various stakeholders across the company and build trusted-based relationships.
- Strong ability to balance competing or conflicting goals of various departments and stakeholders, which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.
- Strong ability to tactfully challenge leadership team, especially when there is a need to balance Privacy Risk and compliance requirements with competing objectives.
- Ability to communicate to non-privacy stakeholders complex privacy issues in a manner that can be easily understood.
- Attitude toward innovation / enablement.
- Proven experience interacting with clients, internal auditors, third-party assessors and/or external auditors.
- Building effective relationships with all levels of management.
- Ensures a high degree of attention to detail.
- Abilit