Privacy, Risk and Controls Analyst

The Privacy, Risk, and Controls Analyst will report to the Chief Information and Technology Officer and play a critical role in ensuring that School District 35 adheres to privacy regulations, assesses risks, and maintains effective controls. This position is responsible for conducting privacy assessments, identifying vulnerabilities, and implementing risk mitigation strategies. Additionally, the analyst will provide training to staff members on privacy best practices. Other duties may be necessary as operationally required.

POSTING DETAILS

• Position – Privacy, Risk, and Controls Analyst
• Salary – $83,753.00 to $98,000.00
• Department – Information Technology Services
• Reports To – Chief Information and Technology Officer
• Start Date – As soon as possible (flexible)
• Employment – Full-time, Permanent
• Group – Exempt Staff

RESPONSIBILITIES

Privacy Assessment and Compliance

• Conduct thorough assessments of privacy practices within the school district, focusing on compliance with British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA).
• Collaborate with relevant stakeholders to identify areas of improvement and recommend corrective actions.
• Ensure that data handling procedures align with privacy laws and regulations.
• Monitor privacy incidents, investigate breaches, and report findings to management.

Risk Analysis and Mitigation

• Evaluate risks associated with various processes, systems, and projects within the school district.
• Develop risk assessment frameworks and methodologies.
• Identify potential risks related to data security, information handling, and operational processes.
• Propose risk mitigation strategies, including controls and safeguards.
• Regularly review risk profiles and adjust strategies as needed.

Staff Training and Awareness

• Design and deliver privacy and risk-related training programs for staff members.
• Educate employees on privacy principles, data protection, and risk management.
• Foster a culture of privacy awareness and compliance throughout the organization.
• Provide guidance on handling sensitive information and maintaining confidentiality.

QUALIFICATIONS

• Bachelor’s degree in a relevant field (e.g., Information Management, Law, Business, or Computer Science) and minimum of two years of experience in privacy, risk assessment, or compliance roles; or a diploma in a relevant field (as stated above) and four years’ related experience; or an equivalent combination of education and experience.
• Certification in privacy management (e.g., Certified Information Privacy Professional (CIPP)) is desirable.
• Familiarity with FIPPA or similar privacy legislation.
• Experience in conducting risk assessments and developing risk mitigation strategies.
• Prior work in the education sector is advantageous.
• Strong analytical skills and attention to detail.
• Excellent communication and training abilities.
• Knowledge of privacy frameworks and best practices.
• Ability to collaborate with cross-functional teams.
• Proficiency in privacy-related tools and software.

PLEASE NOTE

• In accordance with the Criminal Record Review Act, successful applicants will be required to consent to a Criminal Record Check prior to employment.
• We thank you for your interest in the Langley School District; however, only those persons selected for interviews will be contacted.