Teacup Tech Systems
Please apply ONLY if you have Public Service Experience in Canada
Experience and Skill Set Requirements:
Privacy Assessment Experience, Policy and Legislative Requirements:
• Experienced in privacy legislation including Freedom of Information and Protection of Privacy Act (FIPPA), Personal Health Information Protection Act (PHIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA)
• Experienced in conducting privacy assessments involving personal information, citing examples in resume.
• Experienced in leading and conducting privacy assessments with Ontario health or D&V systems involving online and/or mobile digital solutions that handle personal and health related information,
• Lead and conducted assessments involving personal health information involving third party solutions (e.g private sector or non-profit application solutions) and/or service integration providers
• Experienced working with policy development teams; reviewing and comparing policies and legislation to make informed recommendations to ensure adequate privacy protections and considerations are addressed with in policy/legislation.
Technical understanding:
• Experience with privacy risks and conducting PIAs associated with integration between legacy systems, web applications, mobile and cloud based solutions to obtain, retrieve and synchronize information.
• Experience with privacy risks and conducting PIAs involving mobile app solutions and the unique security and privacy challenges associated with such platforms
• Demonstrated experience and familiarity with strong security, encryption and privacy protection approaches to digital solutions, including mobile; web based and backend integrations via API or similar approaches.
• Familiar with Digital Wallet technologies (native within OS or third party) including the security and privacy considerations, limitations and best practices for local data protection on mobile devices
• Familiar with cloud based digital wallet technologies including the security and privacy considerations, limitations and best practices for data protection
• Experience, knowledge and understanding of privacy protection standards and best practices, business, information and security architecture principles and emerging technology related to the protection of privacy and personal information
Leadership and Communications:
• Demonstrated strong communication and engagement skills with ability to lead teams in discovery sessions to elicit details of technical solutions, business processes and/or policies; strong writing skills to document findings, recommendation, etc
• Demonstrated ability to interpret both technical (e.g architecture design documents, process flows, state transition diagrams, etc) and non-technical documentation to conduct assessment of impacts and to develop mitigation strategies
• Strong organizational and time management skills to manage multiple and concurrent requests in an agile and highly dynamic work environment setting.
• Strong presentation abilities to communicate findings, recommendations, etc to senior management and executives to inform decision making; able to communicate Page 6 of 12 complex problems/issues in a simple terms
Digital Identity Frameworks and Standards:
• Experience in developing, applying and/or evaluating digital identity trust frameworks such as the PCTF, eIDAS, or similar.
• Experience with Digital Identity standards such as NIST, FIDO, Open ID Connect, SAML
OPS experience:
• Prior experience with leading and conducting multiple PIAs in OPS setting/ environment, including demonstrated knowledge and experience with OPS processes, existing templates and expectations to obtain approvals/sign off.
Candidates are required to work onsite 3 days per week and 2 days remotely within Ontario only.