Director, Information Security

at  Fraser Health

Salary range: The salary range for this position is CAD $65.54 - $94.22 / hour Why Fraser Health?:

DIRECTOR, INFORMATION SECURITY

We are seeking a strategic Director of Information Security to provide leadership and direction towards enhancing cybersecurity and sustainability within Fraser Health (FH). The director will be accountable for establishing and advising on authority wide governance and industry best practices while overseeing the evaluation and implementation of information security tools.
This is an exciting and important opportunity to lead and advance information security within healthcare by assessing security threats and risks associated with Fraser Health’s continuing operations. Additionally, the director will provide guidance and leadership to staff when responding to security compliance audits conducted by third parties and regulators such Accreditation Canada, BC Office of the Auditor General and Ministry of Health.
Detailed Overview:

LEADS CAPABILITIES:

Demonstrates the leadership practices of the Fraser Health Leadership Framework of Clear, Caring and Courageous and creates the conditions for people to succeed.

PROFESSIONAL/TECHNICAL CAPABILITIES:

• Comprehensive knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners.
• Comprehensive knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
• Comprehensive knowledge of applicable privacy regulations, legislation, industry standards, and best practices and a solid understanding of issues related to health information protection.
• Ability to define, lead, plan, direct, manage, and implement complex business processes and measurements.
• Ability to develop and implement strategic and project plans, policies, procedures and standards.
• Ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
• Strong presentation, facilitation, coaching, conflict management, planning, project management, and interpersonal skills.
• Ability to work independently and effectively under time pressure to meet deadlines, balance work priorities and resolve issues.
• Demonstrated ability to be effective in an environment subject to continuous change.

Provides leadership and management for Fraser Health’s (FH) enterprise information security and data stewardship program, working closely with multiple partners and stakeholders. The role combines responsibilities for both information security and data stewardship, recognizing and building upon the need to both manage and protect data as a key enterprise asset.
The scope of responsibilities includes establishing strategic directions for FH; providing advisory services including training and education; establishing authority wide governance structures, policies and practices; and operating ongoing program services - working closely with internal stakeholders and partner organizations.
For security, the role includes establishing and maintaining the information security program to protect information assets and associated technology, applications, systems, infrastructure and processes. The role includes responsibility for identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets. In addition, the position is responsible for coordinating with the security operations and incident response services provided by partner organizations.
For data stewardship, the role includes overall accountability for a framework to support the responsible management of enterprise data assets. This role requires focus on data strategy, execution and support for projects, programs, and applications.
Responsibilities: