We are currently seeking a Compliance Manager to join our Information Security team. This role can be performed from one of our Canadian offices, remotely across Canada, or a combination of both. Some exemptions may apply.
What your team does:
The Security Team is responsible for the protection of Clio and Clio’s customers data and operations, within this team the Compliance team brings a strong understanding of privacy law and industry certifications. The goal of this team is to help enhance the technical security measures in place by quantifying Clio’s posture through audit and accreditation processes. This is not your traditional environment, we are taking a new approach that leverages automation and policy as code to provide artifacts demonstrating adherence to the various applicable regulations and certifications.
A day in the life might look like:
- Own and oversee our privacy and compliance program;
- Effectively interpret and communicate compliance requirements to internal teams, and lead efforts to produce actionable plans to meet requirements;
- Involved in managing and sustaining the various privacy and compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders.
You may be fit for this role if you:
- Enjoy building and leading cross functional teams;
- Can effectively communicate regulatory and certification requirements to technical and non technical teams based on their needs and understanding;
- Ability to build relationships and influence decisions across the organization;
- Excited about finding new ways to achieve goals associated with compliance and accreditation.
Who You Are:
You are goal driven, hungry for success, and passionate about technology. You are comfortable influencing across multiple stakeholders and teams, and will advocate for what is right for Clio. You have the experience of overseeing and owning a privacy program, and are able to implement the right policies and procedures to set Clio up for long term success for everything related to privacy and security.
To do this, you’ll need to:
- Own regulatory compliance, driving data privacy and risk management initiatives across Clio and our markets (including EMEA);
- Collaborate cross-functionally and with leadership to mitigate compliance risk while supporting innovation and instilling best practices;
- Ensure compliance with all applicable data protection rules and regulations, particularly GDPR, PIPA, PIPEDA, and CASL;
- Implement and oversee risk management processes and procedures, including vendor onboarding, off-boarding, and contract negotiation, developing privacy and security awareness content for Clio employees to follow;
- Collaborate regularly as a member of the Security Team to answer privacy and security inquiries from customers and potential customers, drive incident response policy, and review internal controls;
- Build and lead a small team of compliance professionals to partner with the various business units to achieve and maintain compliance with various regulations as well as industry leading accreditations.
Serious bonus points if you have:
- 4+ years in a similar role within Compliance and Data Protection;
- Understanding of security controls, privacy, risk management framework and compliance models is a must;
- Direct experience with GDPR and PCI rules and regulations;
- Industry standard certifications (CHPS, CIPM, CIPP, CISSP, CISA, CISM, ISSMP, ISO 27001 Lead Implementer/Auditor, PMI).
Where your team works:
Clio is currently transitioning to a workplace that is distributed by design. This means that Clio offers employees more choice: the opportunity to work from one of our hub offices across Canada, remotely, or a combination of both. We have invested in best-in-class tools, technology, and culture to ensure our team members are able to do their best work whether they prefer to work from an office or remotely.
At Clio, we’re more than just a tech company. We’re transforming the practice of law in a permanent and meaningful way that’s bettering the lives of legal professionals while increasing access to justice for all.
We are high achievers who are setting new standards for what it means to be a tech company. In the past three years, we’ve launched a new interface and experience of our software, acquired our first company, launched a second product, secured the largest Series D in Canadian history at the time, and launched a $1 million dollar relief fund to help legal professionals navigate the challenges of COVID-19 (just to name a few).