Work in Tech

At the University of Waterloo, we create and promote a culture where everyone can reach their full potential. As an employee, you get support & opportunities that empower you to advance your career. Explore how we can bring big ideas to life, together. The University is a welcoming workplace for those of all abilities, interests, and expertise. As part of our workforce, you can do what you do best, every day.

Learn more about our recruitment process.

Job Requisition ID:

2025-00602

Time Type:

Full time

Employee Group:

Staff

Job Category:

Administrative Support

Employment Type:

Permanent

Department:

Legal and Immigration Services - Legal Counsel

Hiring Range:

$85,399.86 - $106,749.82

Posting Information:

The internal posting deadline for this position is Thursday, October 2, 2025 at 11:59PM.

Job Description:

Primary Purpose

The incumbent represents the Mission and Values of Legal & Immigration Services (LIS) and the University of Waterloo. The Information Privacy Officer is responsible for the management and analysis of sensitive data to ensure compliance with privacy and access regulations and guidelines. This role involves designing and implementing technical solutions for data privacy, conducting privacy audits, and collaborating with various departments to ensure the secure handling of personal and confidential information. The Information Privacy Officer will work closely with the Secretariat, Information Security Services team and with the departments of Information Systems & Technology, Institutional Analysis and Planning, and other stakeholders to uphold data protection principles within the organization. Reporting directly to Legal Counsel – Privacy, this position is accountable for risk identification and assessment for compliance of the University’s responsibilities under the provincially mandated Freedom of Information and Protection of Privacy Act (FIPPA). The LIS team fulfills the University’s obligations under the relevant privacy legislation.

Key Accountabilities

Data Management and Governance

• Provide guidance to the university community on information and privacy legislation and organizational policies

• Ensure data access controls and usage guidelines align with privacy requirements

• Collaborate with Legal Counsel, Privacy, to enhance monitoring, auditing and improvement of information and privacy practices

• Maintain accurate records of inquiries, incidents, and resolutions

• Collect and manage confidential data and statistics for reporting purposes

• Develop reports for Legal Counsel, Privacy, and General Counsel to inform senior leadership of information and privacy-related activities at the University

• Collaborate with Legal Counsel, Privacy, to provide strategic recommendations and development of policies and procedures related to information and privacy

• Conduct environmental scans across the sector to stay informed on sector-wide information and privacy trends

• Implement best practices for file and information management using the electronic data management system

Privacy Policy and Procedure Development

• Consult with Legal Counsel and stakeholders to develop and update privacy policies, procedures, and guidelines in compliance with provincial laws and regulations

• Partners with departments to identify and classify sensitive data, ensuring proper protection and retention

• Collaborate with cross-functional teams to identify and address data inter-dependencies that impact privacy compliance

• Develop and maintain strong relationships with departmental experts to understand their data usage while aligning with privacy guidelines

• Design and maintain data dashboards that provide insights into privacy compliance metrics

• Evaluate reporting tools that uphold privacy mandates and contribute to back-end architecture decisions

• Contribute to the development of advanced privacy analytics methodologies and tools

• Identify opportunities to leverage technology for enhanced privacy self-assessment and decision support

• Promote a culture of continuous improvement in terms of efficiency and leveraging systems capacities and technologies

Privacy Audits and Compliance

• Monitor the University’s compliance with relevant laws and regulations

• Conduct regular audits to identify and mitigate information and privacy risks

• Partner with departments to identify areas for improving data handling processes while ensuring compliance with access and privacy regulations

• Facilitate Privacy Impact Assessments and provide guidance in consultation with Legal Counsel, Privacy to ensure University projects and processes consider and address privacy issues

• Address gaps and overlaps within data sets, proposing methods to enhance data collection and processing, ensuring data integrity and compliance are maintained

• Using knowledge of best practices, assist in the development of incident response procedures related to data breaches and or privacy incidents, facilitating communication with affected parties and regulatory bodies as required

Develop and Promote Information and Privacy Practices

• Promote a University-wide culture of privacy and information awareness in collaboration with key stakeholders

• Develop and maintain a communication and education strategy for academic and academic support units to promote and develop privacy protection

• Provide training on access and privacy, breach awareness, and privacy-promoting work habits

• Coach and train constituents on record-keeping obligations

• Design and execute privacy-related employee surveys to gauge awareness and concerns

• Liaise and consult with other post-secondary Privacy Offices to share access and privacy best practices

Required Qualifications

Education

• University degree in relevant fields such as Information Management, Privacy, Legal Studies, Data Science, or related field, or equivalent combination of education and experience

Professional Qualifications and Licenses

• Relevant professional designation from the International Association of Privacy Professionals (IAPP) or other recognized professional bodies is an asset

Experience

• Minimum of 2 years of experience reviewing and managing privacy case files, applying privacy legislation, and preparing clear summaries or recommendations for decision-maker

• Demonstrated experience interpreting and applying the Freedom of Information and Protection of Privacy Act (FIPPA), including preparing responses and engaging with the Information and Privacy Commissioner of Ontario

• Experience independently advancing cases or initiatives through their full lifecycle within a large, multi-stakeholder environment

Knowledge/Skills/Abilities

• Familiarity with data governance and privacy regulations

• Knowledge of relevant data analysis tools and privacy compliance frameworks

• Familiarity with the University of Waterloo’s policies and guidelines is an asset

• Understanding access to information and privacy protection matters, and related legislation and policy in a university or public sector setting

• Strong critical thinking, problem-solving, and professional judgment with excellent writing and reasoning skills

• Ability to take ownership of files and drive them through the entire process, coordinating stakeholders and maintaining accountability until completion

• Demonstrated skill in analyzing case details and identifying key issues, risks, and opportunities, with the ability to present practical recommendations that move the file forward

• Ability to critically review files and cases, interpret key facts and implications, and distill them into clear, concise summaries that support informed decision-making at the senior level

• Ability to interpret complex privacy regulations, communicate them in clear, accessible language, and create and deliver effective training programs to educate diverse audiences

• Meticulous attention to detail in reviewing data and ensuring compliance with formal business practices

• Ability to build standardized reports of relevant data using real-time integrations and in enterprise-grade database management tools

• Adapts readily and effectively to changing priorities and demands

• Highly competent in maintaining a high level of professionalism, ethical standards, and confidentiality

• Strong influential and consultative skills with the ability to build effective relationships

• Stay updated on evolving privacy laws and emerging technologies impacting higher education, and adapts accordingly

• Proven ability to work independently and resourcefully

• Driven by equitable, diverse, and inclusive practices

Equity Statement

The University of Waterloo acknowledges that much of our work takes place on the traditional territory of the Neutral, Anishinaabeg, and Haudenosaunee peoples. Our main campus is situated on the Haldimand Tract, the land granted to the Six Nations that includes six miles on each side of the Grand River. Our active work toward reconciliation takes place across our campuses through research, learning, teaching, and community building, and is coordinated within the Office of Indigenous Relations.

The University values the diverse and intersectional identities of its students, faculty, and staff. The University regards equity and diversity as an integral part of academic excellence and is committed to accessibility for all employees. The University of Waterloo seeks applicants who embrace our values of equity, anti-racism and inclusion. As such, we encourage applications from candidates who have been historically disadvantaged and marginalized, including applicants who identify as First Nations, Métis and/or Inuk (Inuit), Black, racialized, a person with a disability, women and/or 2SLGBTQ+.

Positions are open to qualified candidates who are legally entitled to work in Canada.

The University of Waterloo is committed to accessibility for persons with disabilities. If you have any application, interview, or workplace accommodation requests, please contact Human Resources at hrhelp@uwaterloo.ca or 519-888-4567, ext. 45935.