Senior Information Security Architect

at  Fraser Health

Salary range: The salary range for this position is CAD $54.16 - $77.86 / hour Why Fraser Health?:
Fraser Health continues to be recognized as one of BC’s Top Employers, are you someone who is passionate about making a difference in the lives of others?
Fraser Health is responsible for the delivery of hospital and community-based health services to over 1.9 million people in 20 diverse communities from Burnaby to Fraser Canyon on the traditional territories of the Coast Salish and Nlaka’pamux Nations. Our team of nearly 45,000 medical staff and volunteers is dedicated to serving our patients, families and communities to deliver on our vision: Better health, best in health care.

PROFESSIONAL/TECHNICAL CAPABILITIES:

• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.
• Knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners.
• Knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017 and NIST SP 800-53.
• Knowledge of security architecture concepts for enterprise solutions including technical design, concepts and methodology
• Ability to be organized, goal-oriented, proactive, solution-oriented, pragmatic and the ability to understand the long-term and short-term perspectives.
• Diplomatic negotiation skills and the ability to influence. Understanding of and the ability to manage the political climate of the organization.
• Ability to provide input into project budget development, manage assigned dollars and estimate financial impact of application architecture alternatives.
• Demonstrated decision making ability within complex and diverse issues
• Physical ability to perform the duties of the position

The Senior Information Security Architect is responsible for leading and managing assigned projects, providing leadership to team members and applying appropriate change management strategies as part of a project. Provides advice, guidance, and direction to an assigned portfolio including the development and implementation of security architecture. Collaborates with internal and external partners on key information security technologies at Fraser Health (FH); acts as a key resource and subject matter expert on information security policies, practices and standards; develops, implements, evaluates and manages internal and corporate information security policies, procedures and processes; undertakes a lead role in the delivery and development of information security and risk-related audits; monitors information security tracking systems, network and access controls and compliance systems throughout FH; assists management and staff to ensure information security is considered in the design and/or redesign of programs, services, projects and initiatives within FH; investigates information security incidents and provides information security training, education and awareness to staff and other internal and external partners.

Responsibilities:

• Participates as a member of the Information Security leadership team and defines the principles that guide security architectural decisions for the enterprise and develops and implements security policies and standards related to architecture. Formulates strategies and plans for short-term and long-term security architecture that supports business needs.
• Translates business practices and processes into security architectures to enable delivery of appropriate solutions by ensuring alignment with business requirements and objectives, working with partners and leading subject matter experts in the design of solutions.
• Designs and coordinates the implementation of an enterprise-wide security architecture based on business requirements and strategies and then directs the activities associated with ensuring compliance with the security of the enterprise architecture.
• Coordinates technical planning for corporate large-scale systems initiatives, working closely with business units, functional area managers, senior HIIT, Clinical and architecture team members to define the goals, objectives and plans that direct systems security design and implementation activities.
• Oversees the research, design and integration of new and upgraded security technologies by monitoring and analyzing industry trends and best practices, design and system implementation standards, and project requirements all to ensure successful integration to Fraser Health’s environment and the continued protection of Fraser Health information assets and infrastructure.
• Defines Security requirements, and provides expert research, analysis and advice, for Fraser Health strategic initiatives projects involvement information management and /or the deployment of information technology solutions ensuring alignment with I Health security policy, practices, legal and regulatory obligations.
• Assists in identifying security driven strategic opportunities and in formulating viable roadmaps for transitioning the business towards strategic outcomes.
• Develops annual goals and objectives for the area of responsibility, in collaboration with the leadership, ensuring consistency with department plans and authority objectives and strategies.
• Develops budgets, analyzes variances and develops corrective actions.
• Provides leadership and direction to team members using effective management techniques (for example, coaching, mentoring, developing skills and leadership, making decisions, building coalitions and managing performance). Recruits, selects, orients and trains new employees.
• Evaluates breach root causes, implements and recommends resolution strategies, and quality improvement opportunities and risk controls targeted at strengthening organizational, operational and technical controls.
• Provides expert guidance to staff at all levels of the organization and takes a lead role in ensuring information security is considered throughout the design or re-design of programs services and projects and initiatives.
• Provides technical consulting related to the acquisition of new systems and standards or the implementation of new applications on existing systems. In conjunction with senior staff or manager, leads contract negotiations with vendors.
• Initiates partnerships and effectively maintains critical internal linkages to ensure development of a consultative approach to mutual problem solving, enhancing communication, proactively anticipating and resolving issues and supporting the implementation of required changes.
• Researches, creates, compiles and evaluates security information management performance metrics. Completes reports including Briefing Notes and statistical reports on specific subjects such as breach management score cards, progress of the corporate security educational program within Fraser Health. Prepares and delivers presentations to key partners, management and staff.
• Performs other related duties as assigned.

Qualifications:
A level of education, training and experience equivalent to a Bachelor’s Degree in Information Security or related field. Five (5) to seven (7) years’ experience in progressively more responsible information security leadership/management roles, including two (2) years’ experience in a health services systems environment with a specific focus in Cybersecurity.