About the Role
The resource will support all privacy initiatives of the Cyber Security and Risk Management Branch of the Ministry of SaskBuilds and Procurement.
As is its accountability, Cyber Security and Risk Management Branch is becoming increasingly involved with Privacy and is responsible for ensuring Privacy Impact Assessments are completed in a timely manner and appropriate privacy guidance is provided to projects, including those involving our critical information assets, when needed. It is evident that, to meet its obligations in this area, Cyber Security and Risk Management Branch requires the services of a Senior Privacy Analyst.
The resource is considered essential for the successful delivery of information systems and applications containing personal information. Specifically, the resource is envisioned to participate in all privacy related tasks including, though not necessarily limited to:
• Conducting Privacy Impact Assessments.
• Performing Privacy Maturity Model Assessments, if/when requested.
• Providing guidance to the Branch and its clients on privacy legislation and requirements.
• Supporting breach responses for incidents involving privacy.
• Conducting privacy focus groups and/or information sessions.
• Liaise with Government’s Access and Privacy Officers to further strengthen maturity.
• Creating and reviewing privacy policies and procedures, if/when necessary.
• Preparing and delivering privacy training, if/when necessary.
• Other privacy-related tasks as determined through engagement in future initiatives.
Here is what you will need to be successful:
Recognized access and privacy designation (CIPP/C) and security certificate or designation is required.
Completion of a university (bachelor) program; holds an undergraduate or master’s degree in health, policy, IT, security, law, or a related discipline.
Demonstrated relevant experience including conducting and/or providing oversight for Privacy Impact Assessments including developing privacy requirements, risk mitigation plans, corporate policies and developing and/or delivering training content.
Demonstrated knowledge and experience of access and privacy requirements and practices, preferably related to the health and public sectors, including knowledge of privacy legislation The Personal Information Protection and Electronic Documents Act (PIPEDA).
Thorough understanding of “privacy-by-design” and best practices.
Knowledge of technology architecture and infrastructure, digital health solutions and services, enterprise and corporate IT including information and cyber security preferred.
Direct operational level privacy experience preferably in a health sector and/or IT environment is considered an asset.
Working knowledge of digital health technologies and information security industry standards.
Exceptional analytic and creative problem-solving abilities.
Strong communication skills to communicate effectively and efficiently, both verbally and in writing, to diverse audiences/stakeholders
Interested candidates can send the resume at firstname.lastname@example.org upon review will discuss the process of submission for the position.
About the Company