Cybersecurity Leader

We are seeking a highly skilled and experienced Cybersecurity Leader to join our team at Fraser Health. As a key member of our Information Security leadership team, you will be responsible for leading and managing assigned projects, providing leadership to team members, and applying appropriate change management strategies as part of a project.

• Participate as a member of the Information Security leadership team and define the principles that guide security architectural decisions for the enterprise.
• Develop and implement security policies and standards related to architecture, formulating strategies and plans for short-term and long-term security architecture that supports business needs.
• Translate business practices and processes into security architectures to enable delivery of appropriate solutions, ensuring alignment with business requirements and objectives.
• Design and coordinate the implementation of an enterprise-wide security architecture based on business requirements and strategies, directing the activities associated with ensuring compliance with the security of the enterprise architecture.
• Coordinate technical planning for corporate large-scale systems initiatives, working closely with business units, functional area managers, senior IT staff, clinical and architecture team members to define the goals, objectives, and plans that direct systems security design and implementation activities.
• Oversee the research, design, and integration of new and upgraded security technologies, monitoring and analyzing industry trends and best practices, design and system implementation standards, and project requirements to ensure successful integration to Fraser Health's environment and the continued protection of Fraser Health information assets and infrastructure.
• Define security requirements and provide expert research, analysis, and advice for Fraser Health strategic initiatives projects involving information management and/or the deployment of information technology solutions, ensuring alignment with Fraser Health security policy, practices, legal, and regulatory obligations.
• Assist in identifying security-driven strategic opportunities and formulating viable roadmaps for transitioning the business towards strategic outcomes.
• Develop annual goals and objectives for the area of responsibility, in collaboration with the leadership, ensuring consistency with department plans and authority objectives and strategies.
• Develop budgets, analyze variances, and develop corrective actions.
• Provide leadership and direction to team members using effective management techniques, recruiting, selecting, orienting, and training new employees.
• Evaluate breach root causes, implement and recommend resolution strategies, and quality improvement opportunities and risk controls targeted at strengthening organizational, operational, and technical controls.
• Provide expert guidance to staff at all levels of the organization and take a lead role in ensuring information security is considered throughout the design or re-design of programs, services, and projects and initiatives.
• Provide technical consulting related to the acquisition of new systems and standards or the implementation of new applications on existing systems, leading contract negotiations with vendors.
• Initiate partnerships and effectively maintain critical internal linkages to ensure development of a consultative approach to mutual problem-solving, enhancing communication, proactively anticipating and resolving issues, and supporting the implementation of required changes.
• Research, create, compile, and evaluate security information management performance metrics, completing reports including briefing notes and statistical reports on specific subjects such as breach management scorecards, progress of the corporate security educational program within Fraser Health.
• Prepare and deliver presentations to key partners, management, and staff.

A level of education, training, and experience equivalent to a Bachelor's Degree in Information Security or a related field. Five (5) to seven (7) years' experience in progressively more responsible information security leadership/management roles, including two (2) years' experience in a health services systems environment with a specific focus in Cybersecurity.

Demonstrates the LEADS capabilities of Leads Self, Engages Others, Achieves Results, Develops Coalitions, and supports Systems Transformation.

• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.
• Knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM), and Vulnerability Scanners.
• Knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017, and NIST SP.
• Knowledge of security architecture concepts for enterprise solutions, including technical design, concepts, and methodology.
• Ability to be organized, goal-oriented, proactive, solution-oriented, pragmatic, and the ability to understand the long-term and short-term perspectives.
• Diplomatic negotiation skills and the ability to influence, understanding of, and the ability to manage the political climate of the organization.
• Ability to provide input into project budget development, manage assigned dollars, and estimate financial impact of application architecture alternatives.
• Demonstrated decision-making ability within complex and diverse issues.
• Physical ability to perform the duties of the position.