Work In Tech

Find your next role at Canada's fastest-growing tech companies

Senior Analyst - Risk & Privacy Management



Chennai, Tamil Nadu, India
Posted on Tuesday, September 5, 2023

About Zafin

Founded in 2002, Zafin offers a SaaS product and pricing platform that simplifies core modernization for top banks worldwide. Our platform enables business users to work collaboratively to design and manage pricing, products, and packages, while technologists streamline core banking systems.

Zafin is backed by significant financial partners committed to accelerating the company’s growth and fueling our continued innovation. Our clients benefit from our 60 ecosystem partners and over 500 talented employees spread across 13 global offices.

Zafin is proud to be recognized as a top employer and certified Great Place to Work® in Canada, UK and India. Zafin is headquartered in Vancouver, Canada, with offices and customers around the globe including ING, CIBC, HSBC, Wells Fargo, PNC, and ANZ.

Job Mandate

Reporting to Zafin’s Enterprise Risk & Privacy Officer, the Risk and Privacy Manager will be a valuable member of Zafin’s second line of defence. You will directly support the ongoing coordination of privacy and enterprise risk processes and policies that inform responsible decision-making, foster a culture of risk awareness and stewardship, and drive compliance. In this role, you will participate in key projects that enhance our compliance posture and our business strategy.
In your capacity as a Privacy and Risk subject matter expert, you will play a vital role to ensure our day-to-day processes and practices keep pace with changes in the risk and regulatory landscape in which we operate.

Job Details

Major Responsibilities:


  • Promote an effective Privacy & Risk Management culture, by building awareness amongst staff by supporting business units
  • Develop and enforce enterprise Privacy & Risk processes, policies, and tools
  • Support client due diligence and vendor risk management processes to ensure compliance with appropriate Privacy & Risk requirements. Tracking remediation and negotiating terms, as appropriate.
  • Create and administer Privacy and Risk training.


  • Respond to privacy queries from employees, clients, partners or other third parties.
  • Assist business units to operationalize Privacy Compliance initiatives
  • Liaise, as appropriate, with security and technology teams to align on controls
  • Participate in privacy incident investigations and remediation efforts
  • Maintain accurate tracking of reported privacy incidents, access, and correction requests to support organizational reporting requirements.
  • Coordinate Privacy Impact Assessments and follow up with stakeholders to remediate findings.
  • Research changes in legal and regulatory privacy landscape that might impact the organization or its entities.


  • Coordinate initiatives to support Enterprise Risk Management, including risk assessments and tracking controls.
  • Coordinate risk workshops and risk reviews to guide the business units through risk assessment and preparation of treatment plans for the identified threats.
  • Maintain the controls register, ensuring that all controls are accurately documented and that first line risk owners actively manage risk responses as planned.
  • Assist with governance planning and compiling results into reports for senior management analysis and decisioning.

Knowledge, Education, Training


  • Undergraduate Degree in business, law, or information systems


  • Relevant privacy laws, regulations, and standards in Canada, the US, UK. and the EU
  • Risk management and security standards (i.e. ISO 31000, NIST)
  • Demonstrated organization, facilitation, communication, and presentation skills
  • Demonstrated experience and skills in fact-finding, collaboration, teamwork, and problem-solving
  • Ability to plan, manage and evaluate multiple complex initiatives and/or projects, typically involving input from internal and external contracts.
  • Attention to detail and ability to connect the dots
  • Exceptional organizational and execution skills.


  • 3-5 years’ experience in business administration, privacy compliance, risk management, or another related field.

Nice to have

  • Professional Privacy Certification (CIPM, CIPP) or willingness to complete within 6 months

Minimum Required Behavioural / Soft Skills


  • A relationship-builder you engage confidently with stakeholders, internally and externally, achieving results through influence and collaboration
  • An adaptable mindset that anticipates changes in priorities and business needs, takes proactive measures to identify cross-functional impacts, and generates actionable plans to deliver results.
  • Crisis management skills and experience
  • Good drafting skills (inclusive of policy and associated processes)
  • Attention to detail and ability to connect the dots
  • Exceptional organizational and execution skills.