Senior Data Governance Analyst

Reports To: Head of Compliance and Enterprise Risk

About the job:

atVenu’s Compliance & Risk team is seeking an experienced data governance professional to steward a new data governance function for the company’s ever-growing inventory of data. This will be a highly collaborative role working with every area of the business to ensure our data is secure, compliant, and reliable.

In addition to promoting best practices for the company’s existing data sets, this role will also be forward‑looking as a stakeholder/partner during the design and deployment of new products and systems that will expand our collection and storage of data.

• Improve and maintain atVenu’s data inventory and classification framework across internal systems and third‑party vendors.
• Contribute to building scalable, pragmatic, risk‑based data governance processes that align with a fast‑paced, growing technology company.
• Partner with business, IT, and security teams to define data ownership and ensure appropriate access controls are in place.
• Oversight of the data lifecycle from data creation through to destruction.
• Create and maintain policies, standards, and processes related to data governance.
• Aid data owners in the design and support of data integrity controls to ensure data is not improperly altered, lost, or duplicated across systems.
• Monitor for data quality and work with teams to remediate quality issues where applicable.
• Provide guidance and training to teams as necessary, on proper data handling and governance best practices that are tailored to atVenu’s business objectives.
• Support compliance with privacy and data protection frameworks such as GDPR, US state privacy laws (e.g., CCPA/CPRA), and Canada’s PIPEDA.
• Complete privacy impact assessments on new products, features, integrations, and third‑party service providers.

• 8+ years of data governance experience – ideally working in a smaller SaaS company.
• The knowledge and confidence to be the company’s data governance expert.
• Working knowledge of privacy laws (GDPR, CCPA, PIPEDA) and compliance concepts as well as an understanding of how they apply to transaction data.
• Thorough understanding of access management principles and best practices.
• A solid grasp of risk management principles and assessing risk.
• Experience building and maintaining a data inventory.
• Highly effective communication skills and the ability to work with both technical and non‑technical teams.
• Ability to influence without direct authority through collaboration.
• A good mix of empathy, pragmatism, and humility.
• Comfort working in a small, fast‑moving organization where processes are still maturing.
• Experience creating, operationalizing, and maintaining policies, standards, and procedures.

• Bachelor’s degree in Data Management, Information Systems, Computer Science, or a related field.
• CIPT, CIPP, or CIPM certification.
• Experience working with legal counsel on service agreements pertaining to data protection.
• Experience supporting external audits and responding to customer assurance requests regarding data protection.
• Familiarity with the full breadth of information security controls.

This position can be a remote/hybrid.