Senior Information and Privacy Manager, Compliance Support

Job Title: Senior Information and Privacy Manager, Compliance Support
Job Requisition ID: 68660
Organization: Office of the Information and Privacy Commissioner

Full or Part-Time: Full-Time
Hours of Work: 36.25 hours per week
Regular/Temporary: Regular

Salary: $3,241.74 - $4,362.44 bi-weekly ($84,609.41 - $113,859.68 annually)

About Us

The Office of the Information and Privacy Commissioner of Alberta (OIPC) is dedicated to advocating for the access and privacy rights of Albertans. It ensures that public bodies, health custodians, and private sector organizations uphold these rights as prescribed by Alberta's laws.

OIPC is known for its comprehensive regulatory role, proactive engagement with technological advancements, commitment to public education, collaborative culture, and the significant impact of its work in protecting privacy and access to information.

The OIPC is an Officer of the Legislature who reports directly to the Legislative Assembly of Alberta. Through the OIPC, the Commissioner performs the compliance oversight and regulatory responsibilities set out in Alberta's three access to information and privacy laws.

Why OIPC Alberta?

Alberta is rapidly becoming a hub for technological advancements, particularly in AI and data protection. Enjoy a high quality of life with competitive salaries, no provincial sales tax, and affordable housing. Thrive in a growing and diverse economy expanding into various industries where privacy rights matter.

The OIPC is committed to a diverse and inclusive public service that reflects the population we serve to best meet the needs of Albertans.

Reporting to the Director, Compliance Support (CS), this role offers a unique opportunity to be at the forefront of the Commissioner's legislated oversight mandate. Through relationship building, strong leadership, and effective investigation and communication skills, you will influence and effect changes in the development and implementation of initiatives, programs, policies, goals, and proposed legislative schemes in the public, health, and private sectors.

The work performed by the position is integral to the Commissioner's ability to ensure the privacy and access rights of Albertans are upheld; ensure that public bodies/organizations/custodians comply with their duties and responsibilities under the Acts; and, provide fair, independent and impartial reviews on access and privacy matters. The position's specific accountabilities include:

• Reviewing and investigating public bodies, custodians, and organizations for legislative compliance.
  • Conducting reviews of privacy breaches to ensure legislative compliance of breach notification provisions of the Acts.
  • Conducting informal investigations initiated by the Commissioner and producing written findings and recommendations to address identified compliance issues.
  • Conducting information security audits or privacy compliance reviews of programs and initiatives of public bodies, custodians, and organizations.
  • Informing the Directors, Assistant Commissioners, and Commissioner about access and privacy issues of significance.
• Reviewing and providing comment on privacy impact assessments.
  • Consulting, commenting on, and making recommendations regarding policies, procedures, and practices related to initiatives, applications, and technology use in relation to the requirements of the applicable Acts.
  • Reviewing and commenting on technical, administrative, and physical safeguards implemented to protect health and personal information.
  • Commenting on risk assessment and mitigations related to system design and implementation.
• Educating and informing the public and public bodies, custodians, and organizations on the Acts.
  • Preparing public documents such as advisories on specific access and privacy matters.
  • Researching, writing, and developing educational or guidance materials and tools.
  • Conducting presentations, workshops, and information sessions regarding the rights and practical application of the Acts.
  • Speaking at conferences.
  • Developing relationships with public bodies, custodians, organizations, and other stakeholder groups, including participation at meetings (e.g., network meetings).
  • Responding to media queries as required.
  • Managing and supervising junior staff including intake staff when required by the Director.
• Conducting and/or leading research projects when required by the Director, Assistant Commissioners, or Commissioner.
  • Researching and reviewing relevant materials, cases, and legal decisions/rulings;
  • Compiling and analyzing statistics and results;
  • Producing reports and developing guidance tools to assist and inform the public or stakeholders (public bodies, custodians, and organizations).
• Managing a diverse and demanding workload in a timely and efficient manner.
  • Working in collaboration with other staff within the CS team and outside of the CS team as needed.

• A University degree in Information Technology, Computer Science, Information Systems Security Management, or a related field. A professional designation in Information Security such as CISSP, CISA, CISM, etc. would be an asset. Equivalencies will be considered.
• At least six years of directly progressively responsible related experience, encompassing:
  • Interpreting and applying legislation
  • Information security and/or privacy compliance reviews
  • Research and analysis
• Superior verbal and written communication skills and the ability to explain legislation and complex legal and factual issues in terms that are understandable to parties.
• Understanding of access and privacy laws and principles, especially in relation to the Freedom of Information and Protection of Privacy Act (FOIP), Health Information Act (HIA), and Personal Information Protection Act (PIPA), would be an asset.
• Proven ability to interpret and apply legislation to specific circumstances, ensuring compliance and providing well-reasoned findings and recommendations.
• Knowledge of the rules of natural justice and administrative fairness.
• Investigation experience, including the ability to prepare investigative plans, gather evidence, conduct interviews, analyze information, and make findings and recommendations on complex and sensitive issues, preferably in areas related to information access, privacy, and security.
• Knowledge of trends, developments, issues, legal decisions, and precedents relating to access, privacy, security, and information technology.
• Management-level knowledge of information security best practices and technologies.
• Experience with complex or multi-stakeholder information technology and information sharing initiatives.
• Ability to manage a complex, diverse, and demanding workload, including setting and adjusting workload priorities and tasks in response to increasing demands and changing issues.
• Experience establishing and building effective relationships with stakeholders, including the public, media, interest groups, and senior-level representatives in the public/health/private sectors and other jurisdictions, and internally with a team and all office staff.
• Superior interpersonal skills, including the ability to manage conflict, maintain objectivity in politically sensitive or adversarial situations, demonstrate tact and diplomacy.
• Ability to work independently and within a team structure.

• A first-year vacation grant for new hires to the Alberta Public Service, plus vacation earned each month.
• Management Vacation supplement: Management employees receive 5 additional work days of vacation at the beginning of each calendar year.
• Paid statutory holidays following Government of Alberta leave directives, including Holiday closure in December.
• Positive workplace culture and work-life balance.
• Opportunity to participate in flexible work arrangements such as working from home (which is currently being piloted) and modified work schedule agreements.
• Health Spending Account (HSA).

How to Apply:

This competition may be used to fill future vacancies at the same or lower classification.

Candidates are required to apply online. Please submit your resume and cover letter outlining why you want to work for the Office of the Information and Privacy Commissioner and how your education and experience relates to the qualifications outlined in this job ad. Applications submitted without a cover letter will not be considered.

Applicants who have completed post-secondary studies from outside of Canada are required to have an evaluation of their credentials from the International Qualifications Assessment Service (IQAS) or from a recognized Canadian Credential Evaluator; please visit the Alliance of Credential Evaluation Services of Canada for more information. Applicants must include the assessment certificate from IQAS or any other recognized educational assessment service as part of their application in order to be considered.

Final candidates for this position will be asked to undergo a security clearance.

Closing Statement

We thank all applicants for their interest. All applications will be reviewed to determine which candidates' qualifications most closely match the advertised requirements. Only individuals selected for interviews will be contacted.