Privacy Resource (Expert Level)

Overview

Remote
Depends on Experience
Contract - W2
Contract - Independent

Skills

"PIA"
PRIVACY

Job Details

We are currently looking for a Privacy Resource (Expert Level) for our client. The IT Division of the Government of Saskatchewan (GOS) has an ongoing need for an experienced and knowledgeable Privacy Resource to be a member of the team.
The Privacy Resource will support both the Ministry of Justice and Attorney General and the Ministry of Corrections, Policing and Public Safety to implement project-based IT solutions that are privacy-informed by surfacing privacy risks and crafting mitigation strategies. The Privacy Resource will be required to conduct privacy analyses and write Privacy Impact Assessment (PIA) reports.
This position will be remote and aligned with the office hours of the (GOS) head office in Regina, Saskatchewan, Canada. The intended start date for the role is July 22, 2024, for a one-year contract with a possible extension.
Primary Duties:

  • Participate in core team meetings to ensure the privacy perspective remains prevalent throughout the course of all projects.
  • Solicit and elicit administrative, technical, and physical information from subject matter experts (SMEs).
  • Think critically about systems, legislative duties, safeguards, and access controls to protect personal information.
  • Review project approaches, procedures, policies, associated materials, and safeguards to provide SMEs input and observations.
  • Review and advise on implementations as needed.
  • Conduct comprehensive Privacy Impact Assessments:
  • Write reports.
  • Make recommendations.
  • Craft actionable and meaningful mitigation strategies.
  • Draft data flow diagrams.
  • Document legislative authority and/or consent.
  • Ensure accuracy.
  • Assemble supporting materials.
  • Identify data elements, their use, and purpose.
  • Evaluate retention schedules.
  • Ensure collection is limited.
  • Assess safeguards.
  • Revise PIAs prior to implementation.
  • Create addendums to PIAs after implementation.
  • Support internal capacity building of an in-house resource through job-shadowing, mentoring and process documentation to support privacy outcomes for IT projects.

Qualifications and Knowledge:

    • Bachelor s degree in computer science, Information Technology, Information Security, or related field.
    • 10 years of demonstratable experience effectively managing privacy concerns within IT initiatives.
    • Experience conducting Privacy Impact Assessments (PIAs) and familiarity with Privacy by Design (PbD) principles.
    • In-depth understanding of Federal and Provincial privacy laws and requirements.
    • Knowledge of emerging privacy trends, technologies, and best practices.
    • Experience with GOS, or comparable entities, as it relates to the technical and business landscape.
    • Familiarity with criminal justice system, correctional settings, and applicable laws, inclusive to both adult and youth cases and custody.
    • Demonstrated experience successfully working in a multiple project environment with an ability to prioritize, meet deadlines, and work under pressure.
    • Demonstrated working experience with information security policies, standards, methods, and best practices.
    • Proven experience managing privacy considerations throughout the lifecycle of IT projects, from conception to implementation.
    • Ability to collaborate with cross-functional teams, including developers, designers, legal counsel, and compliance officers.
    • Strong project management skills, including the ability to prioritize tasks, manage timelines, and communicate effectively with stakeholders.
    • Familiarity with IT systems and architectures, including cloud computing, databases, networking, and encryption methods.
    • Understanding of security protocols, such as TLS/SSL, SSH, and VPNs.
    • Knowledge of privacy-enhancing technologies (PETs) and tools for data anonymization, encryption, and pseudonymization.

Risk Assessment and Mitigation:

    • Experience identifying privacy risks and implementing controls to mitigate them.
    • Ability to perform privacy risk assessments and develop risk management strategies.
    • Familiarity with security frameworks such as NIST Cybersecurity Framework or ISO 27001.

Communication and Collaboration:

    • Excellent written and verbal communication skills, with the ability to explain complex privacy concepts to non-technical stakeholders.
    • Strong interpersonal skills and the ability to build relationships with internal teams and external partners.
    • Experience delivering privacy training and awareness programs to educate employees on privacy policies and procedures.

Analytical and Problem-Solving Skills:

    • Strong analytical skills and attention to detail for evaluating privacy implications within IT systems and processes.
    • Ability to analyze privacy incidents or breaches, identify root causes, and recommend corrective actions.

Regulatory Compliance:

    • Experience ensuring compliance with relevant privacy laws and regulations.
    • Knowledge of regulatory requirements for data handling, data subject rights, consent management, and data breach notification.

Ethical Standards:

    • Commitment to upholding ethical standards and protecting the privacy rights of individuals.
    • Awareness of ethical considerations in data collection, processing, and use.

Adaptability and Continuous Learning:

    • Ability to adapt to evolving privacy requirements, technologies, and industry standards.
    • Commitment to ongoing professional development through training, certifications, and participation in industry events and forums.

Must have

    • Public Sector Experience

ABOUT THE ROLE:
This role, is a one (1) year contract engagement with a one-year extension if both parties are amenable. This work will be conducted remotely aligned with office hours of Regina, Saskatchewan, Canada.
APPLY NOW:
If you are interested in finding out more, please contact us or submit your resume. Or, if you know someone who meets these qualifications, please forward this assignment opportunity to them.
ABOUT SYSTEMATIX:
Systematix is one of Canada s largest privately owned National Consulting and Resourcing firms. With offices across Canada, we provide the highest calibre consulting solutions to a diverse client base that includes all levels of Government and all private industry sectors.
Although we appreciate your interest in this role, only persons deemed applicable to this role will be contacted.
Systematix is committed to creating a diverse, inclusive environment and is proud to be an equal opportunity employer. At Systematix, we do not just accept difference, we thrive on it and believe that diverse cultures, perspectives, and experiences enhance our workforce and bring value to our community. Systematix Technology Consultants Inc has adopted the Employment Equity Policy to promote the full participation and advancement of members of the designated groups (women, Indigenous peoples, members of visible minority groups, and persons with disabilities) under the Canadian Human Rights Act and Employment Equity Act in the Systematix Technology Consultants Inc workforce.