Metrolinx
Job title:
Senior Privacy Advisor
Company
Metrolinx
Job description
Job Description:Metrolinx is connecting communities across the Greater Golden Horseshoe. Metrolinx operates GO Transit and UP Express, as well as the PRESTO fare payment system. We are also building new and improved rapid transit, including GO Expansion, Light Rail Transit routes, and major expansions to Toronto’s subway system, to get people where they need to go, better, faster and easier. Metrolinx is an agency of the Government of Ontario.At Metrolinx, equity, diversity and inclusion are essential to living our values of serving with passion, thinking forward and playing as a team.Our General Counsel & Corporate Secretary’s Office is looking for a Senior Privacy Advisor for a Six ( 06 ) months contract role under the direction from the Director, Privacy Program, provide daily support to Metrolinx’ s privacy program through advice, technical expertise, guidance and training, to corporate programs and activities that protect privacy, including interpreting and developing the privacy program.The incumbent in this role will primarily focus on providing advisory services to Metrolinx’ s Digital Marketing Experience and Customer Digital Transformation Program areas. Their experience will be on advising ,having knowledge of various marketing strategies such as cookies, third party targeted marketing, use of social media, e-commerce, web privacy, promotional contests and digital privacy issues is considered an asset. The Senior Advisor will support initiatives in an agile capacity while applying privacy best practices and embedding privacy by design throughout the project lifecycle.What will I be doing?
- Promote interpretation, and compliance with legislative requirements of the Freedom of Information and Protection of Privacy Act (FIPPA), and guidance from Ontario’s Information and Privacy Commissioner.
- Promote the development of privacy best practices above and beyond FIPPA and related legislative requirements, including requirements of the private-sector Personal Information Protection and Electronic Documents Act (PIPEDA), guidance from the Federal Office of the Privacy Commissioner of Canada, and industry best practices.
- Maintain current knowledge of the application of privacy legislation and regulations and industry changes and anticipate the impact on privacy issues to organizational/corporate practices.
- As privacy subject matter expert, provides support to Metrolinx departments and project team members to ensure compliance with Metrolinx privacy policies, legislative and contractual obligations, and support standard and methodologies and implementation of best practices on an on-going basis.
- Model Metrolinx’ s values and core competences, especially in dealings with external partners, and in the handling of personal and confidential information.
- Under the leadership of the Director, Privacy Program, supports the privacy program governance framework including development and tracking of privacy Goals and the Privacy Steering Committee.
- Implement strategic privacy projects, including policies, best practices, and risk mitigation strategies across our departments.
- Monitor and conduct privacy research activities to identify and assess jurisdictional/private sector and industry best practices, risks and impacts related to program delivery, to inform and enhance the effectiveness of Metrolinx’ s privacy policy, legal commitments, and program delivery.
- Identify contentious issues, monitors changes to best practices and legal requirements, briefs staff and senior management, and implements revisions/mitigation strategies. Identify and assess privacy risks and provide advisory and consultative suport to risk owners to develop appropriate mitigation plans. Conduct post-implementation analysis and reviews to ensure recommendations have been implemented.
- Investigate privacy incidents to identify privacy breaches and support response plans through all phases of the incident response process, including privacy analysis, root cause analysis, development of mitigation strategies, and reviewing associated communications and reporting.
- Lead investigations and responds to privacy inquiries, privacy complaints and breach incidents, and acts as the primary contact for Ontario’s Information and Privacy Commissioner; logs follow-up activities and resolutions and provides advice to staff and senior management.
- Review, proposes, and coordinates appropriate action plans to address findings of privacy audits and monitoring, in collaboration with Internal Audit and departments.
- Ensure assigned risks are added to the ERM and monitor to ensure compliance with risk mitigation plans and associated timelines.
- Help plan privacy steering committee meetings and facilitate and maintain a network of essential privacy contacts throughout the organization.
What Skills and Qualifications Do I Need?
- Completion of a degree in Business Administration, Information Management, Information Technology, or related field – or a combination of education, training and experience deemed equivalent.
- Demonstrated experience/training in providing technical advice and guidance relating to information access and privacy with some public sector experience.
- Knowledge of and ability to interpret and apply legislation and government regulations guiding privacy protection and access to information (e.g. Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL).
- Experience assessing privacy compliance for new programs, information systems, or services.
- Experience preparing a range of written materials, documentation, reports, briefing notes, training materials; brief senior management and staff on a range of privacy issues/matters; provide information/documentation to the IPC.
- Strong interpersonal skills, with a sense of political acuity and the ability to present complex facts, information and explanations to different audiences including, matters brought before Ontario’s Information and Privacy Commissioner and senior management.
- Collaboration and relationship management skills to demonstrate aptitude for building trusted relationships and a reputation for sound judgement and pragmatism with internal clients and partners. Ability to work effectively and in partnership with colleagues, diverse teams (including legal counsel and information technology, internal audit, and risk professionals) and partners to build consensus and influence decisions; foster a culture of information privacy awareness.
- Knowledge of data digitization, data mining, information flow and security concepts, to review and advise on the agreement of our technology/information management/security projects/plans to privacy practices and legislative compliance requirements.
Don’t Meet Every Requirement?If you’re excited about working with Metrolinx but your past experience doesn’t quite align with every qualification of this posting, we encourage you to apply. You just might be the right candidate for this or other roles. We are always looking for great talent to join our team.We invite all interested individuals to apply and encourage applications from members of equity-deserving communities, including those who identify as Indigenous, Black, racialized, women, people with disabilities, and people with diverse gender identities, expressions and sexual orientations.Accommodation:We value the unique skills and experiences each person brings to Metrolinx and are committed to creating and maintaining an inclusive and accessible environment. We are committed to the requirements of the Accessibility for Ontarians with Disabilities Act so if you require accommodation during the hiring process, please let our Recruitment team know by contacting us at: 416-202-5601 or email .Application Process:All applicants must be legally entitled to work in Canada. Metrolinx will be using email to communicate with you for all job competitions. It is your responsibility to include an updated email address that is checked daily and accepts emails from unknown users. As we send time-sensitive correspondence, we recommend that you check your email regularly. If no response is received, we will assume you are no longer interested in pursuing the opportunity. Please be advised that a Criminal Record Check may be required of the successful candidate.For Internal applicants, with the recent implementation of the Internal Mobility Policy, the internal recruitment process has changed for non-union roles. Candidates must be in their current role for 12 months prior to applying for another role and each applicant must be in good standing (not participating in a Performance Improvement Plan). Please review all provisions of the before submitting your application.Should it be determined that any background information provided is misleading, inaccurate or incorrect, Metrolinx reserves the right to discontinue with the consideration of your application.We thank all applicants for their interest, however, only those selected for further consideration will be contacted.WE ARE AN EQUITABLE AND INCLUSIVE EMPLOYER.
Expected salary
Location
Canada
Job date
Thu, 03 Oct 2024 23:57:42 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnearcanada.com) you saw this job posting.