Manager, Information Security

Salary The salary range for this position is CAD $59.56 - $85.62 / hour Job Summary We are hiring a Full Time Manager, Information Security to join our team in Surrey, B.C. In this role, you will help advance patient safety and quality improvement across Fraser Health. The Coordinator, CQPS Education & Strategic Initiatives plays a key role in planning, coordinating, and improving regional QIPS education initiatives that support patient and family‑centred care. A career with Fraser Health will offer you the opportunity to be a part of a dedicated team of professionals in a dynamic and rewarding health care environment. We offer a competitive compensation and benefit package, including comprehensive health benefits coverage. Important to know Confirm you are legally entitled to work in Canada Take the next step and apply so we can continue the conversation with you. Detailed Overview Supporting the Vision, Values, Purpose and Commitments of Fraser Health including service delivery that is centered around patients/clients/residents and families: The Manager, Information Security provides leadership in the development, implementation and uptake of health information systems, clinical and corporate information systems within Fraser Health (FH). Works with FH Leadership, Health Informatics and Information Technology (HIIT) to lead the development, implementation, and continuous improvement of an information security program ensuring the ongoing protection of FH technology infrastructure and information assets. The Manager regularly deals with critical and highly sensitive situations. As a member of the HIIT leadership team, the Manager is part of a coordinated effort to move forward the health, clinical and corporate HIIT vision for FH and to work collaboratively with other team members in promoting new technologies and best practice for service delivery and system operations. Responsibilities Provides leadership in the design and development of health and corporate information systems and applications, maintaining a FH‑wide view of systems and service to support the adoption and ongoing secure operation of clinical and corporate information systems. Plans, manages, and leads the FH information security program with responsibility for the delivery and continuous improvement of the following services in accordance with legislated and other regulatory requirements including: Security Threat Risk Assessments Information Security Risk Governance and Lifecycle Management (in alignment with FH Enterprise Risk Management Framework) Security Policy and Policy Framework development Information Security Training and Awareness program Management of third‑party security risks (Contract reviews, contract schedule development, etc.) Audit, Compliance Management and Monitoring Cloud Security Requirements and Monitoring Develops, maintains and oversees standard operating procedures for intake, prioritization, management and completion of Security Threat Risk Assessments (STRAs). Develops and maintains the processes necessary to facilitate care provider, employee, and citizen access to electronic health and corporate information systems, applications and tools. Works collaboratively as a member of the HIIT leadership team as part of a coordinated effort to move forward FH's health and clinical/corporate information management agenda, promotes and adopts best practice models for service delivery, system operations and information security. Identifies innovative approaches for information management and ensures that standards related to the security of personal health, employee or corporate information are implemented and maintained. Accountable for project priorities and ensures that projects are executed in accordance with FH project management standards and that necessary project resources are in place to ensure successful implementation, in collaboration with assigned business areas. Ensures the ongoing management/maintenance of negotiated vendor contracts. Leads Request For Proposals (RFPs) and vendor selection, negotiates contract with vendors, ensures payment schedule is distributed, and vendor is upholding contract provisions. Manages assigned staff by selecting employees, directing, supervising, and evaluating staff to ensure effective performance of duties, promoting, disciplining and initiating employee terminations. Ensures the implementation of correct human resource standards and procedures, including performance evaluation, education, and orientation as well as compliance with applicable acts, regulations and collective agreements. Manages department operational and capital budgets under the direction of the Director, by performing activities such as approving and tracking expenditures, identifying budget discrepancies, allocating funds across the areas of responsibility, and providing input into budget development. Prepares or provides statistical information on workload measurement, department activity, quality assurance and clinical use on a scheduled or requested basis. Participates on assigned internal and external committees, represents FH as a decision maker on external opportunities to achieve desired outcomes. Develops and maintains collaborative and strong working relationships with key stakeholders internal and external to the organization, including Ministry of Health and Regional Health Authorities. Monitors and is accountable for program or service compliance with legal requirements, accreditation standards, Provincial and Federal Legislation and other applicable regulatory requirements. Performs other related duties as assigned. Qualifications Education and Experience A level of education, training and experience equivalent to a Bachelor's Degree in Information Security or related field. Seven (7) to ten (10) years' experience in progressively more responsible information security leadership/management roles, including five (5) years' experience in a health services systems environment with a specific focus in Cybersecurity. Active CISSP, CCSP, CISM or similar security certification. Competencies Demonstrates the leadership practices of the Fraser Health Leadership Framework of Clear, Caring and Courageous and creates the conditions for people to succeed. Professional/Technical Capabilities Comprehensive knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners. Comprehensive knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017 and NIST SP 800-53. Current knowledge of legislated requirements and external regulatory requirements that impact FH information security. Ability to communicate technical concepts and information security risks effectively to all audiences including technical, non-technical and executive. Strong presentation, facilitation, coaching, conflict management, planning, project management, and interpersonal skills. Ability to work independently and effectively under time pressure to meet deadlines, balance work priorities and resolve issues. Ability to develop and implement strategic and project plans, policies, procedures and standards. Demonstrated ability to be effective in an environment subject to continuous change. About Fraser Health Fraser Health is the heart of health care for over two million people in Metro Vancouver and the Fraser Valley in British Columbia, Canada, on the traditional, ancestral and unceded lands of the Coast Salish and Nlaka’pamux Nations and is home to 32 First Nations within the Fraser Salish region. People - those we care for and those who care for them - are at the heart of everything we do. Our hospital and community‑based services are delivered by a team of 50,000+ staff, medical staff and volunteers. We are committed to planetary health and value diversity in the workforce. We strive to maintain an environment of respect, caring and trust. Fraser Health’s hiring practices aspire to ensure all individuals are treated in an inclusive, equitable and culturally safe manner. IMPORTANT: Recruitment scam warning Please be on alert for recruitment scams. We are aware of several scams targeting individuals by falsely claiming to represent Fraser Health. Always take precautions when sharing personal details with unverified sources. Please note that we will never ask for money or payment, nor ask you to download or install an app at any point during our recruitment process. #J-18808-Ljbffr