Details

Posted: 15-May-25

Location: Edmonton or Calgary, Alberta, Canada

Type: Full Time

Salary: Permanent Position

Categories:

IT Governance

Information Security

Risk Management

Currency:

Canada, Dollar (CAD)

Region:

Canada

Salary Details:

Salary: $3,241.74 - $4,362.44 bi-weekly ($84,609.41 - $113,859.68 annually)

Preferred Education:

4 Year Degree/Bachelor Degree

Additional Information:

Hybrid/Remote is allowed.

Certifications:

CDPSE
CDPSE - Certified Data Privacy Solutions Engineer

CISA
CISA - Certified Information Systems Auditor

CISM
CISM - Certified Information Security Manager

CRISC
CRISC - Certified in Risk and Information Systems Control

CSX-P - Cybersecurity Practitioner Certification

Cybersecurity Fundamentals Certificate

The Opportunity

Reporting to the Director, Compliance Support (CS), this role offers a unique opportunity to be at the forefront of the Commissioner’s legislated oversight mandate. Through relationship building, strong leadership and effective investigation and communication skills you will influence and effect changes in the development and implementation of initiatives, programs, policies, goals and proposed legislative schemes in the public, health and private sectors. 

This is not an IT position.  This position requires someone who is able to apply legislative requirements and information security and privacy principles to ensure compliance with Alberta's privacy and access legislation.

For example, in this role you may:

• review a privacy impact assessment that involves the use of artificial intelligence.
• be involved in the Commissioner's investigation into the adequacy of an organization's security measures to protect personal and health information involved in a privacy breach.
• examine business models and contracts concerning virtual care platforms to determine compliance with health information and private sector privacy legislation.

Responsibilities:

The position’s specific accountabilities include:

• Reviewing the decisions of public bodies, private organizations and health custodians for compliance with applicable legislation;
• Reviewing privacy impact assessments, providing comments and making recommendations;
• Reviewing privacy breaches to ensure compliances with applicable legislations;
• Conducting informal investigations to ensure legislative compliance;
• Issue findings and make recommendations on access and privacy issues;  
• Reviewing and comment on initiatives, policies, contracts, procedures and practices of public bodies, custodians, and private sector organizations to support compliance with the Acts;
• Consulting and providing education concerning complex and multi-jurisdictional access and privacy issues; and
• Educating and informing the public and public bodies, custodians and organizations on the Acts.

To be successful in this role, you must have:

• The ability to interpret and apply legislation to specific circumstances, ensuring compliance and providing well-reasoned findings and recommendations;
• Good technical knowledge in information technology and security and be able to apply this in the legislative framework. For example, evaluating compliance of virtual care platforms that collect, use and disclose personal and health information of patients with the applicable legislative frameworks.
• Investigation experience, including the ability to prepare investigative plans, gather evidence, conduct interviews, analyze information, and make finding and recommendations on complex and sensitive issues, preferably in areas related to information access, privacy and security; and
• Experience establishing and building effective relationships with stakeholders.
• Superior interpersonal skills, including the ability to manage conflict, maintain objectivity in politically sensitive or adversarial situations, demonstrate tact and diplomacy and work collaboratively with colleagues.

For a copy of the job description, please visit this link.

For a copy of the full job ad and how to apply, please visit the Job Board website.

University Degree in a related field, supplemented by at least six years of directly progressively responsible related experience, encompassing:

• Interpreting and applying legislation
• Information security and/or privacy compliance reviews
• Research and analysis
• Investigation experience

Assets:

• An Understanding of access and privacy laws and principles, especially in relation to the Freedom of Information and Protection of Privacy Act (FOIP), Health Information Act (HIA), and Personal Information Protection Act (PIPA).
• A professional designation in Information Security such as CISSP, CISA, CISM or related experience.

About Office of the Information and Privacy Commissioner of Alberta

The Office of the Information and Privacy Commissioner of Alberta (OIPC) is dedicated to advocating for the access and privacy rights of Albertans. It ensures that public bodies, health custodians, and private sector organizations uphold these rights as prescribed by Alberta's laws. The OIPC provides fair, independent, and impartial reviews in a timely and efficient manner. OIPC is known for its comprehensive regulatory role, proactive engagement with technological advancements, commitment to public education, collaborative culture, and the significant impact of its work in protecting privacy and access to information. The OIPC is an Officer of the Legislature who reports directly to the Legislative Assembly of Alberta. Through the OIPC, the Commissioner performs the compliance oversight and regulatory responsibilities set out in Alberta’s three access to information and privacy laws: The Freedom of Information and Protection of Privacy Act (FOIP) The Health Information Act (HIA) The Personal Information Protection Act (PIPA) OIPC is one of the few jurisdictions in Canada with comprehensive laws covering public, private, and health sectors. This unique legal frame...work provides an unparalleled opportunity for privacy and access practitioners to make a significant impact across diverse fields.

Show more

Show less

Connections working at Office of the Information and Privacy Commissioner of Alberta