Director, Privacy Risk & Compliance

Join a Challenger
Being a traditional bank just isn’t our thing, so we challenge ourselves to get creative in providing innovative banking solutions for Canadians.
How do we get there? With a talented team of inquisitive and agile challengers that break through the status quo. So, if you’re passionate about redefining the future of banking—while having fun—this could be your next big opportunity.
Our company continues to grow, and today we serve more than 670,000 people across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform (eqbank.ca) one of the top banks in Canada on the Forbes World's Best Banks list since 2021. 
The Work
As the Director, Privacy Risk & Compliance, this role is critical in shaping, executing, and maintaining the Bank’s Privacy Risk Management Program and ensuring compliance with applicable privacy laws, regulations, and internal standards. The incumbent will also have direct accountability for overseeing the Bank’s Regulatory Compliance Management (RCM) program for privacy-related obligations across all lines of business. The ideal candidate is a strategic thinker with strong regulatory knowledge, proven leadership skills, and deep expertise in Canadian privacy legislation (including PIPEDA, CPPA) and financial services regulations.

Privacy Risk Management Program

• Lead the ongoing development, implementation, and enhancement of the Bank’s enterprise-wide Privacy Risk Management Program.
• Support the Chief Privacy Officer in developing privacy strategies aligned with the Bank’s risk appetite and regulatory expectations.
• Oversee the Bank’s privacy risk assessment framework, including PIAs (Privacy Impact Assessments), risk reviews, and mitigation strategies.
• Drive the integration of privacy by design principles into product development, technology initiatives, and data governance practices.

Regulatory Compliance Management (RCM) for Privacy

• Serve as 2nd LOD overseeing the Bank’s compliance with privacy laws, regulations and key guidance documents.
• Oversee identification, documentation, and communication, of privacy-related regulatory requirement and controls.
• Ensure appropriate controls, processes, and testing are in place to meet compliance expectations under OSFI’s RCM Guideline E-13 and other applicable requirements.
• Monitor and report on the effectiveness of privacy controls and escalate deficiencies to senior leadership and governance committees.
• Own and champion the Bank’s Enterprise Privacy Policy, working cross-functionally to ensure a robust and compliant position on Privacy compliance. 

Leadership & Advisory

• Act as a trusted advisor to senior executives, legal, risk, and business leaders on privacy risks, trends, and emerging regulations.
• Lead a team of privacy professionals; mentor, coach, and develop staff to support the privacy compliance agenda.
• Represent the Bank in industry forums and regulatory discussions related to privacy and data protection.

Monitoring & Incident Management

• Oversee privacy incident response, breach investigation, and regulatory reporting protocols.
• Conduct root cause analysis and recommend enhancements to prevent recurrence of privacy breaches.

Training & Awareness

• Develop and implement a privacy training and awareness strategy tailored to diverse employee groups and risk levels.
• Promote a culture of privacy and ethical data handling throughout the organization.

People Leadership & Team Management

• Lead, mentor, and develop a team of compliance professionals, ensuring high standards of performance, engagement, and professional growth.
• Set clear goals, provide regular feedback, and conduct performance and talent development reviews.
• Foster a team culture built on collaboration, integrity, inclusion, and continuous improvement.
• Identify and address resourcing needs, including succession planning and upskilling to support evolving compliance requirements.
• Encourage innovation in compliance methodologies, use of data, and technology-enabled solutions.

Let's About Talk You!

• University degree in Law, Business, Risk Management, or a related field; CIPP/C, CIPM, or equivalent privacy certification is strongly preferred.
• 7-10 years of progressive experience in privacy, compliance, or risk management roles, preferably within financial services or regulated sectors.
• Proven experience designing and operationalizing privacy risk management programs in complex environments.
• Deep knowledge of Canadian privacy laws (PIPEDA, CPPA, provincial equivalents), and a strong understanding of global privacy frameworks (e.g., GDPR, CCPA) is a plus.
• Familiarity with OSFI guidelines, especially E-13 (RCM) and E-21 (Operational Resilience), is an asset.
• Strategic mindset with ability to translate legal/regulatory requirements into operational solutions.
• Strong analytical, communication, and stakeholder engagement skills.
• Demonstrated leadership and team management capabilities.
• High level of integrity, discretion, and professionalism.

What we offer [For full-time permanent roles] 💰 Competitive discretionary bonus ✨ Market leading RRSP match program🩺  Medical, dental, vision, life, and disability benefits📝  Employee Share Purchase Plan👶🏽 Maternity/Parental top-up while you care for your little one🏝 Generous vacation policy and personal days 🖥  Virtual events to connect with your fellow colleagues🎓  Annual professional development allowance and a comprehensive Career Development program💛  A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience
The incumbent will be working hybrid and in office time will be spent working from Equitable Bank’s additional office space located at 2200-25 Ontario Street, Toronto, ON.  Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyone’s diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well. 
We commit to providing a barrier-free recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position.  We can’t wait to get to know you!