Support risk and compliance initiatives for a SaaS company: manage privacy/security projects, assess and mitigate IT and data privacy risks, build compliance frameworks (PIPEDA, COPPA, GDPR), coordinate audits (SOC 2, PCI DSS), support incident response, respond to compliance requests, liaise with stakeholders, and deliver training and documentation.
BIS Safety Software is a SaaS company on a mission to change how organizations manage safety, learning, and compliance. Since 2006, we've been building an innovative software solution in a space where trust and data integrity matter. As we grow, so does the need to strengthen how we manage risk, protect client data, and meet evolving regulatory standards. We are expanding our team and are looking to add a Privacy and Compliance Analyst, who excels in risk management and compliance. BIS is headquartered in Sherwood Park, Alberta. We are open to filling this role remotely or in-person.
About the Role
As our dynamic and proactive Privacy and Compliance Analyst, you'll be instrumental in supporting our Risk & Compliance (R&C) initiatives, ensuring our operations align with privacy laws and industry standards. You'll work closely with various teams, providing guidance, managing projects, and facilitating risk processes to support our growth and scalability. If you are particular about the particulars, enjoy building things that didn't exist before and making the things that do exist work better, this is a strong fit.
This role is based in the Mountain Standard Time (MST) zone. For candidates located in the Edmonton area, this is an onsite position based out of our Sherwood Park office. For exceptional candidates located outside the region, we are open to discussing remote or periodic travel arrangements, provided they can effectively collaborate within MST business hours.
In This Role, You Will Be Expected To:
- Execute Risk & Compliance Initiatives: Manage and deliver privacy, security, and compliance projects, ensuring alignment with organizational goals and timelines.
- Identify and Mitigate Risks: Proactively assess operational, IT, and data privacy risks, partnering with cross-functional teams to implement effective mitigation strategies.
- Build and Improve Frameworks: Develop, maintain, and enhance compliance frameworks, policies, and procedures aligned with evolving regulations (PIPEDA, COPPA, GDPR) and industry standards.
- Support Audits and Assessments: Coordinate third-party audits (e.g., SOC 2, PCI DSS) and conduct internal assessments to ensure ongoing compliance.
- Strengthen Security Practices: Support software security improvements and contribute to initiatives that enhance controls and reduce risk exposure.
- Manage Security Incidents: Lead or support incident response activities, including investigation, documentation, communication, and remediation.
- Review and Resolve R&C Requests: Triage and respond to compliance-related tickets and inquiries, providing timely guidance and solutions to internal teams.
- Research and Apply Regulatory Standards: Stay current on privacy laws and industry requirements, translating them into practical policies and operational processes.
- Communicate and Report: Prepare clear, accurate compliance documentation and reports for internal stakeholders, clients, and auditors.
- Engage with Stakeholders: Liaise with clients, vendors, auditors, and internal teams to address compliance requirements and support ongoing initiatives.
- Deliver Training and Awareness: Support training efforts and help foster a culture of data security and compliance across the organization.
You Might Be the Right Fit If You:
- Proactive and confident in engaging with stakeholders across various levels
- Strong interpersonal skills with the ability to build and maintain cross-team relationships
- Excel at evaluating, assessing, and troubleshooting complex issues
- Thrive in dynamic environments with the ability to multitask and manage competing priorities
- Extroverted and energized by collaborative work settings
- Demonstrate a proactive approach to problem-solving and continuous improvement
- Have strong proficiency in Microsoft 365, with an interest in IT and technology (IT background is an asset).
Qualifications we are looking for:
- 5+ years of experience in privacy, data security, compliance, and risk management.
- Postgraduate education in cybersecurity or a related field.
- Strong understanding of Canadian privacy laws and regulations.
- Experience in providing training and developing policy documents related to privacy and compliance.
- Project management experience; PMP certification is a strong asset but not required.
- Bonus points if you have a CIPP/C, CIPM, or other relevant privacy/security certifications
Compensation and benefits:
- Employee Stock Ownership Plan (ESOP)
- Full medical, dental, and vision coverage
- Life insurance and disability insurance
- Health spending account
- Flexible working hours
- On-the-job training and growth opportunities
- Free on-site parking
About BIS:
BIS Safety Software has been headquartered in Sherwood Park, Alberta, since 2006. We build software that helps organizations manage safety training, learning, and compliance - and we’re growing!
A few things that make us different: we don’t use job titles internally - we value humility and contribution over hierarchy. We move fast, integrate new ideas quickly, and give people real ownership of their work. And through our Employee Stock Ownership Plan (ESOP), you have the opportunity to own a piece of the company you’re helping build.
How to apply:
Visit our Careers Page for more information. We sincerely thank all applicants for their interest. Only those selected for interviews will be contacted.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us
Job ID #L202603-26CRC
Similar Jobs
Productivity • Software • App development • Automation
Run pipeline, lifecycle, and demand programs to drive multi-seat B2B SaaS conversions. Build and execute full-funnel campaigns, manage HubSpot workflows and reporting, partner with sales on account targeting, and run customer advocacy, review-generation, and content initiatives to grow pipeline and bookings.
Top Skills:
Ai ToolsAutomation PlatformsCanvaCapterraFigmaG2HubspotMartech
Artificial Intelligence • Hardware • Healthtech • Software
The VP of Quality leads the development and maintenance of the Quality Management System (QMS), ensures compliance with ISO 13485, collaborates with engineering on product quality, and develops a high-performing quality team.
Top Skills:
CapaFmeaIec 62304Iso 13485Plm Software
Blockchain • eCommerce • Fintech • Payments • Software • Financial Services • Cryptocurrency
Design, build, and operate production ML decision systems to detect and prevent payment fraud, account takeover, scams, and other abuse. Integrate diverse signals into low-latency serving and batch scoring, own feature pipelines and model lifecycle, develop AI-assisted triage and feedback loops, and partner cross-functionally to balance fraud reduction with legitimate customer access.
Top Skills:
Cloud InfrastructureData LakehouseData WarehouseEmbeddingsFeature StoreJavaKafkaKotlinKubernetesLightgbmModel ServingMonitoringObservabilityPythonPyTorchSQLTensorFlowWorkflow OrchestrationXgboost
What you need to know about the Ottawa Tech Scene
The capital city of Canada and the nation's fourth-largest urban area, Ottawa has proven a rapidly growing global tech hub. With over 1,800 tech companies, many of which are leaders in their sectors, the city's tech talent now makes up more than 13 percent of its total workforce. This growth is driven not only by the big players like UL Solutions and Dropbox, but also by a thriving startup ecosystem, as new businesses emerge to follow in the footsteps of those that came before them.


