Manager, Policy Compliance

University of DenverQuinte West, ON
Onsite

About The Position

The Department of Enterprise Risk Management partners with the DU community to cultivate responsible, collaborative, and effective practices. The Department is also responsible for risk and insurance management, compliance program, data privacy, public health strategies, and international travel health and safety. Position Summary The Manager reports to the Chief Risk & Compliance Officer and is directly responsible for oversight and management of University policy development, compliance training strategy, CPA and GDPR privacy compliance, and risk management contract review. The Manager’s responsibility is to initiate, research, review, revise, and format policies by communicating with staff at various levels of the University and maintain an accurate centralized policy website. The Manager also coordinates the Policy Advisory Committee for the University. The Manager’s second responsibility is to develop and execute a comprehensive compliance training strategy, curriculum, and implementation plan for the University in collaboration with Human Resources and Inclusive Community. The Manager is responsible for reviewing, modifying, and providing expertise on contract language relating to key policies and issues around travel, risk, privacy, and insurance. The Manager collaborates with other divisions and units to establish a strategic vision for both University policy and compliance training, data privacy, and to support contract review. The position works closely with colleagues in general counsel, information technology, registrar’s office, human resources, and business and financial affairs to create an effective organizational culture.

Requirements

  • Ability to work independently and provide effective customer service.
  • Excellent written and oral communication skills.
  • Experience researching and interpreting laws, regulations, and case law.
  • Experience applying laws to circumstances or situations; experience developing and implementing compliance controls.
  • Strong understanding of compliance processes.
  • Competent in project management.
  • 3-5 years of experience in legal research and documentation providing analysis and generating recommendations and/or other written analysis based on legal research.
  • Bachelor’s degree or equivalent combination of education and experience in Legal Studies, Political Science, Information Technology, Data Management, or other similar background.

Nice To Haves

  • Experience in higher education, government, regulator or compliance agency, or public service.
  • Juris Doctor (law degree).
  • Experience in higher ed or public service; GRC Professional (GRCP), IAPP Certification, or other privacy or compliance certifications.

Responsibilities

  • Policy Coordination and Management: Collaborates across campus to implement, manage, and coordinate all University policy-related activities. Centralizes the coordination and communication with the Policy Advisory Committee.
  • Training: Initiates, facilitates, and promotes activities to foster training on University policies, important legal and compliance updates, as well as information privacy and policy awareness. Oversees, develops, and delivers initial and ongoing legal and compliance updates, policy, and privacy training to faculty and staff.
  • Contract and Technology review: Serves on the Technology Review Committee and reviews new technology requests with a focus on privacy compliance and implications. Reviews University contracts, including privacy and security agreements, data processing agreements, business associate agreements, and other contractual terms relating to the protection and processing of protected information, insurance, and risk related contractual issues. With legal assistance, may negotiate privacy terms and conditions with third parties. Partners with Procurement and Chief Information Security Officer to evaluate new software programs or applications that involve the processing of protected information or affect the Universitys restricted data networks.
  • Privacy requests and Privacy incident management: (External) Coordinates the portability, correction, deletion, and the related interaction with customers and students in response to data privacy requests. Assists in breach determination and notification processes under federal and state laws and cooperates with federal and state regulators in compliance reviews and investigations. (Internal) Investigates, manages, and mitigates privacy incidents, complaints, or breaches.

Benefits

  • medical
  • dental
  • retirement
  • paid time off
  • tuition benefit
  • ECO pass
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service