Compliance Manager, Privacy

at  Sun Life

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You’ll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you’ll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

JOB DESCRIPTION:

Reporting to the AVP Compliance, the Manager will be involved in all aspects of the program. This role is an opportunity for a compliance professional with strong analytical and communication skills to work across all Canadian Business Units.

• Advise Business partners and help stakeholders identify key privacy controls to ensure compliance with regulatory requirements, Sun Life policies and best practices; oversee input of controls into Archer;
• Summarize and communicate privacy risks to the business, risk, legal and compliance, as needed, ensuring their understanding of the materiality of issues and required actions, Assist the business in finding innovative solutions that balance regulatory requirements, individual expectations and business objectives;
• Work with and oversee 1LoD in identifying, classifying, mitigating and reporting privacy incidents; support development of new Incident Tracker;
• Coordinate breach and other notifications to Canadian Privacy Commissioners. Respond to regulators’ inquiries and investigations;
• Support project to align privacy-related activities with three lines-of-defence accountabilities;
• Contribute to the evolution of the components of the Canadian Privacy Program, such as Privacy Impact Assessments, monitoring and testing, privacy incident management;
• Identify knowledge gaps and training needs, and contribute to development of training modules, communication and other educational content;
• Support the privacy reporting process by ensuring data integrity and necessary adjustments, providing perspective on trends, insights and opportunities for improved visualization;
• Stay informed of evolving regulatory requirements and regulators’ expectations, industry best practices and trends in privacy, manage regular bi-weekly meetings tracking C-27 developments; and
• Participate in groups addressing new privacy trends and requirements (e.g. data portability, bias, advanced analytics/AI).