Yukon Ombudsman Yukon Information and Privacy Commissioner Yukon Public Interest Disclosure Commissioner

Yukon Ombudsman

Now Hiring: Investigator and Compliance Review Officer

Thu, Sep 28, 2017

 

Investigator and Compliance Review Officer (Information Systems Security)

Posting Open Date: September 28, 2017

Posting Close Date: November 17, 2017 or until filled

Location: Whitehorse, Yukon

Job Type: Permanent Full-Time

Salary Range: $107,093 to $124,122 per annum

Benefits: 12% salary paid in lieu of pension

Work Days/Hours: Monday to Friday from 8:30 AM to 4:30 PM (7.5 hrs/day)

Travel Bonus: $2242.00 per year (after 1 year of employment)

Deliver Resumes to: The Office of the Ombudsman, Suite 201, 211 Hawkins Street, Whitehorse, Yukon, Y1A 1X3. Attention: Human Resources

Note that this is not a Yukon Government position.

The Office of the Ombudsman, Information and Privacy Commissioner (IPC), and Public Interest Disclosure Commissioner (PIDC) is seeking to fill the position of Investigator and Compliance Review Officer (Information Systems Security (ISS)).

The Ombudsman, IPC and PIDC is an independent officer of the Yukon Legislative Assembly and has responsibilities under the Ombudsman Act, the Access to Information and Protection of Privacy Act, the Health Information Privacy and Management Act, and the Public Interest Disclosure of Wrongdoing Act. For information about the Ombudsman, IPC and PIDC visit the Office’s website at: http://www.ombudsman.yk.ca/meet-us.

Under the Ombudsman Act, the Ombudsman is responsible to investigate allegations of unfairness made against government and other authorities. The Information and Privacy Commissioner is responsible to ensure government and other public bodies comply with the Access to Information and Protection of Privacy Act (ATIPP Act) and health care custodians comply with the Health Information Privacy and Management Act (HIPMA). The PIDC is responsible to investigate disclosures of wrongdoing made by employees of government and other public entities, and investigate allegations of reprisals taken against an employee.

Reporting directly to the Ombudsman, IPC and, PIDC, the Investigator and Compliance Review Officer (ISS) plays a key role in the Office of the Ombudsman, IPC and PIDC by assisting the Ombudsman, IPC and PIDC carry out her mandates. More specifically, the Investigator and Compliance Review Officer (ISS) is responsible to:

1. provide advice (where applicable) about the Acts to the public and bodies subject to the Acts;

2. mediate complaints, requests for reviews, and disclosures received under the Acts by working with the parties to achieve settlement;

3. conduct comprehensive investigations into complaints, requests for reviews, and disclosures received under the Acts and prepare investigation reports containing findings and recommendations to remedy any non-compliance, unfairness, wrongdoing or reprisal;

4. evaluate risks to privacy and information security resulting from the implementation of a new public or health body program or activity and make recommendations to mitigate risk;

5. evaluate information technology systems used by public or health bodies to identify information privacy and security risks and make recommendations to mitigate risk;

6. evaluate privacy breaches, including those involving information technology, reported by public and health bodies and works with these bodies to mitigate risks and prevent recurrence;

7. evaluate privacy risks of pilot projects conducted by the Minister of Health under the HIPMA and provide recommendations to mitigate any risks;

8. comment on access to information, privacy, and disclosure policies and procedures, and develop guidance materials and communications to educate the public and the bodies subject to the Acts;

9. in respect of the above, lead investigations, compliance review activities and comments involving information systems security and provide advice and educate the team about information systems security; and

10. work with the bodies subject to the Acts to ensure recommendations made as a result of any of the foregoing are implemented.

Qualifications:

The Investigator and Compliance Review Officer (ISS) must have experience:

• developing or reviewing privacy impact assessments and security threat risk assessments on complex information systems,

• investigating causes of privacy breaches or in privacy breach management involving information systems,

• conducting investigations, analyzing information, drawing conclusions and writing investigation reports,

• interpreting and applying legislation, and conducting legal research,

• writing and communicating effectively,

• fostering and maintaining professional working relationships, and

• working within a team and independently.

It would be beneficial for the Investigator and Compliance Review Officer (ISS) to have:

• experience interpreting and applying ombudsman, access, privacy, and public interest disclosure legislation,

• a CIPP (Certified Information Privacy Professional), CIPM (Certified Information Privacy Manager), CIPT (Certified Information Privacy Technologist), IAPP (Information Access and Protection of Privacy) Certificate, CIAPP (Canadian Institute of Access and Privacy Professionals) Certification, or equivalent, and

• a CISSP (Certified Information Systems Security Professional) or equivalent.

Candidates with a certification as a CISSP (Certified Information Systems Security Professional) or equivalent will be given preference.

For more information about the position and to review the detailed job description for the Investigator and Compliance Review Officer (ISS) visit the Office’s website at: http://www.ombudsman.yk.ca/contact-us. Only those applicants selected for an interview will be notified.

Thank you for your interest in this position.