Join us in Compliance to take on this exciting new opportunity where you will have the autonomy to make and implement new decisions related to business processes and be assigned clear targets to help the organization achieve key organizational goals. In Compliance, you will discover a strong support system consisting of friendly and willing-to-help colleagues, as well as, an enabling work environment and tools to measure your performance and be recognized for achievements. As a lead contact for all new and upcoming changes to compliance standards and regulations, you will be the go-to person and subject-matter expert on the topic and be assigned clear and achievable targets to help you drive compliance efforts forward.   

As the Senior Compliance Analyst, Privacy and Data Governance you will be primarily responsible for actively supporting the development, implementation and maintenance of the local Privacy Management System, Information Protection Framework, Data Governance Framework and Cybersecurity requirements in accordance with all relevant internal and external compliance and regulatory requirements.

You will actively support the development, implementation and maintenance of:

• Privacy Management System
  • Act as the deputy for the Data Privacy Protection Officer.
  • Privacy program design, implementation and automation.
  • Privacy program maturity assessments and roadmaps. 
  • Management of monitoring of relevant regulatory requirements related to Privacy. 
  • Regular privacy risk assessments, including Privacy Impact Assessments (PIA) and Data Privacy Protection requirements analyses. 
  • Develop and manage relevant Policies and Procedures. 
  • Regular communication towards Associates on Privacy matters. 
  • Development and delivery of privacy training for Associates. 
  • Implementation of compliance processes and tools. 
  • Privacy case management (e.g., inquiries by Associates, customers and authorities, complaints and incidents) including management of mitigating measures. 
  • Regular and ad-hoc reporting to local management and central compliance headquarters. 
  • Monitoring and testing-develop and execute privacy audit plans to ensure effectiveness of internal instruments and measures. 
  • Privacy breach response.
  • Build trusted advisor relationship with business units and Associates.
  • Lead privacy related projects.
  • Maintain Register of Processing Activities (RPA).
  • Administer the Data Loss Prevention (DLP) program.
  • Support vendor risk management.

• Information Protection Framework
  • Act as the deputy for the Information Protection Delegate.
  • Design, implement and manage Information Protection framework.
  • Regular Information Protection risk assessments.
  • Develop and maintain Policies & Procedures.
  • Develop and deliver training for Associates.
  • Regular and ad-hoc reporting to local management and central teams, including PerMIS controls.
  • Advice and support business units and Associates related to Information Protection.
  • Oversight over Information Classifications (ICL).
  • Execute periodic Information Protection awareness campaigns including Phishing.
  • Lead Information Protection related projects.

• Data Governance Framework
  • In collaboration with Data Management Governance Function (DMGF), design & deliver the data governance strategy in combination with company strategies and regulatory requirements. 
  • Define roles and responsibilities related to data governance and ensure clear accountability for stewardship of the information assets.
  • Facilitate the development and implementation of data quality standards.
  • Define indicators of performance and quality metrics and ensure compliance with data related policies and procedures.
  • Support data quality assessments, ascertain and receive data quality issues, and identify and prioritize improvements.  
  • Collaborate with Regional and Central Center of Excellence and implement best practices locally.
  • Develop data governance policies, standards and templates.

• Cybersecurity Organization
  • Align within the Region and support the successful implementation of Cybersecurity Program.
  • Monitor and report to senior management on a regular basis on matters related to Cybersecurity.
  • Support designing appropriate systems, methods, process and models for the early detection and mitigation of potential risks arising from cybersecurity aspects.

• Bachelor's Degree in related filed. 
• IAPP certification(s) such as CIPP, CIPM, and/or other related certifications. 
• 3-5 years of experience in related role (privacy/data governance/information protection), preferably in the Financial sector.
• Excellent understanding and working knowledge of privacy principles, frameworks and legislation such as privacy by design, Fair Information Principles, PIPEDA, and CASL. 
• Direct experience in the implementation of privacy / information protection programs as well as data governance framework.
• Demonstrated ability to lead cross functional initiatives on related topics, with strong attention to details, efficient time management, and collaboration.
• Experience with privacy/information protection/data governance technologies and tools.
• Experience in conducting Privacy Impact Assessments.
• Experience with data governance and data management practices.
• Excellent verbal and written communication skills, including public speaking/presentation skills. 
• Ability to readily recognize and evaluate the impact of current or potential compliance issues.
• Ability to interact at all levels of the organization.
• Strong written skills with the ability to draft policies and training materials.
• Effective time management skills, with the ability to manage multiple priorities and assignments.
• Ability to work independently.
• Fluent command of English (French would be an asset). 
• Strong computer skills; in particular, advanced skills in Excel and PowerPoint.
• Ability to work independently in a fast-paced environment and respond well under pressure and tight deadlines. 
• Self-Directed/Self-Starter (i.e. entrepreneurial, proactively identifies necessary and/or value-added tasks; appropriately self-identifies areas in which to engage).

Benefits of working at BMW Group Canada include: 

• An award winning culture.
• Cutting edge of innovation and creativity.
• Incredible BMW, Mini and Mottorad employee vehicle/motorcycle programs.
• Flexible working models.
• Highly competitive compensation.
• Performance incentives programs.
• First-rate health and wellness benefits.
• World-class office space.
• Enjoy fresh meals in our amazing fully staffed and subsidized onsite cafeteria.
• Energize at our fully loaded coffee/tea bar
   

BMW Group Canada is committed to attracting and retaining a diverse team of associates and creating an inclusive environment. BMW Group Canada does not discriminate against applicants based on race, national or ethnic origin, colour, religion, sex, sexual orientation, gender identity, or disability or any other status or condition protected by applicable federal, provincial or territorial law.

BMW has an accommodation process in place that provides accommodations for employees with disabilities. Accommodations for disabilities in relation to the job selection process are available upon request. If you require a specific accommodation because of a disability or a medical need, or you would like to learn more about our Accessibility policies, provide feedback or request documentation, please contact Accessibility@bmw.ca.