Remote Compliance and Privacy Manager @ Envato

We value inclusivity and diversity at Envato. Research shows candidates from neurodiverse and underrepresented backgrounds often only apply for roles if they meet all the criteria. We like to make our hiring decisions based on experience and passion, so if you’re keen to apply and need reasonable adjustments please let us know. We also encourage you to let us know the pronouns you use at any point during the recruitment process.

Our focus is on helping people to complete their creative projects, with our author community earning every time that happens.

Envato proudly impacts the lives of creatives all over the world, from web developers and graphic designers, to marketers, videographers, photographers and more. We’ve built a community where anyone can get their creative projects done, and where creators bring their ideas to life and in the process, earn a living doing what they love. It doesn’t get much better than that!

We are a global and rapidly scaling business. Blending purpose and profit, we’re a passionate B Corp, committed to making a positive impact on the communities we engage in. You can read more about our purpose, mission and values on our website.

We’ve embraced flexibility for a long time – where we can, let’s make work, work for you! Our roles can be based ANYWHERE in Australia or New Zealand, and while we all mostly work from home we’re proud of how we keep our global team connected.

As Envato’s Compliance and Privacy Officer, you will play a key role in designing and implementing compliance and risk policies, procedures and controls, and play a pivotal role in guiding continual improvements to the effectiveness of risk and compliance across Envato.

The successful candidate will also take on the role of Envato’s Privacy Officer. This will include but not be limited to providing specialist guidance to assist Envato in complying with applicable global laws and regulations related to privacy, including the GDPR, data protection and security.

Risk and compliance is part of the wider legal team who are a fast-paced, adaptable and responsive legal team that is deeply embedded in the business. We work in a highly collaborative, organised and transparent manner and we place a lot of value on teamwork. The risk and compliance specialism of that team is a new function for Envato focused on ensuring our risk and compliance frameworks, policies  and processes are fit for purpose so that we meet our obligations and anticipate needs to support future growth.

Responsibiltiies:

• Monitoring Envato’s activities to ensure that we are compliant with relevant laws and regulations, including conducting internal reviews of business practices, processes, and policies, procuring and analysing data to identify potential areas of non-compliance or improvement
• Monitoring changes in regulations and industry practices to identify impacts to Envato’s products, systems and processes; and partnering with the business to implement controls to manage those impacts.
•  Investigating, identifying, and resolving compliance issues by conducting interviews, reviewing documents, and collaborating with other departments to gather information.
• Collaborating with internal teams to ensure compliance with relevant regulations and providing training and education to employees on compliance-related issues, policies, and procedures, to ensure best practice
• Reporting on Envato’s compliance status by preparing and submitting reports to leadership, the Board, Regulators, and other stakeholders
• Support the uplift and implementation of Envato’s Enterprise Risk Management Framework including the development and ongoing oversight of supporting Risk Registers
• Lead Envato’s Modern Slavery protocols and compliance program
• Develop and maintain privacy policies and procedures that align with applicable laws and regulations, including the Australian Privacy Act, the GDPR, CCPA and the EU-U.S. Data Privacy Framework
• Act as Envato’s designated Privacy Officer and Data Protection Officer under various global Privacy frameworks
• Manage Envato’s Data Protection Impact Assessment processes
• Conduct privacy risk assessments to identify potential areas of risk and develop plans to mitigate those risks
• Investigate and respond to privacy-related incidents or breaches, including reporting incidents to regulatory bodies as required
• Educate employees and stakeholders on privacy & data protection laws, policies, and procedures

Key Skills:

• Strong commercial acumen and ability to understand the impact of regulatory changes on the business
• Ability to work well under pressure and manage sensitive and confidential information
• Excellent communication (written and verbal), presentation and interpersonal skills, with the ability to work well both independently and as part of a team
• Ability to manage change initiatives and influence outcomes

Skills and Experience:

• Tertiary qualifications in Business, Law or Risk & Compliance Management preferred
• 6 – 8 years’ professional experience in risk or compliance
• Experience in privacy or data protection, with a solid  understanding of applicable privacy regulations.
• Certification in privacy or data protection (e.g. CIPP, CIPM) is preferred
• Experience in compliance, quality, incident management & process improvement
• Experience in preparing reporting and insights to assist the business