SeniorGRCAnalyst,Privacy

MEET BENEVITY Benevity is the way the world does good, providing companies (and their employees) with technology to take social action on the issues they care about. Through giving, volunteering, grantmaking, employee resource groups and micro-actions, we help most of the Fortune 100 brands build better cultures and use their power for good. We’re also one of the first B Corporations in Canada, meaning we’re as committed to purpose as we are to profits. We have people working all over the world, including Canada, Spain, Switzerland, the United Kingdom, the United States and more! Benevity is seeking a Sr. GRC Analyst, Privacy to anchor and advance our data protection program across a complex, multi-jurisdictional regulatory landscape. In this role, you will own the design, operationalization, and continuous maturity of Benevity’s privacy compliance program, spanning GDPR, UK-GDPR, CPRA, PIPEDA, CASL, and emerging global frameworks. You will build the foundational infrastructure that keeps Benevity accountable to its regulatory obligations: Records of Processing Activities, Data Subject Access Request workflows, Data Protection Impact Assessments, and subprocessor governance, ensuring the program is not only defensible to regulators but scalable as Benevity grows. As a trusted privacy advisor embedded across cross-functional teams, you will work closely with Legal, Security, Engineering, Product, and Data Governance to embed Privacy by Design into the business. You will support the DPO operational function, partner on Data Processing Agreement reviews, and translate complex privacy requirements into practical, business-aligned controls. Your work will directly protect Benevity’s clients, employees, and the communities they serve, and ensure that trust remains a core competitive advantage. What you’ll do: Privacy Program & Governance - Own and maintain Benevity’s Records of Processing Activities (ROPA) under both controller and processor regimes, ensuring compliance w