Manager, Privacy & Security Audit (Health)

Minimum Recruitment Standards

University graduation in a related field (e.g., Information Systems Security Management, Information Technology, Information Systems, Public Administration. Health or Business Administration) and four (4) years of progressively related experience in the privacy, auditing or security field in operational or strategic roles is required.

Other requirements include:

• Working knowledge of operational practices and strategies for privacy and security auditing in electronic health record, medical record or other health information systems 
• Knowledge of information security and privacy standards and practices (Health Information Act and health specific principles);
• Knowledge of auditing of production systems, back-end database systems, and real time monitoring and alerting solutions
• Management supervisory experience 

Preference will be given to those with:

• Demonstrated experience doing auditing on clinical record systems and/or other sensitive repositories 
• Demonstrated experience in handling projects in a large organization 
• Experience working within the health sector with legislation and policy in a large, complex organization or system.
• Project and resource management experience in leading large scale projects; 

The following experience is considered an asset: 

• Master’s degree in a related field 
• Certified Information Systems Security Professional (CISSP) designation
• Certified Information Privacy Professional/Canada (CIPP/C)

Equivalency: 
Related experience or education may be considered as an equivalency on a one for one basis (one year of education for one year of experience or vise versa).

A cover letter outlining how your experience relates to the qualifications of this role is required. The cover letter may be used to assess your communication.