Information Security Architect

Why Fraser Health?

Fraser Health continues to be recognized as one of BC's Top Employers, are you someone who is passionate about making a difference in the lives of others?

 

Fraser Health is responsible for the delivery of hospital and community-based health services to over 1.9 million people in 20 diverse communities from Burnaby to Fraser Canyon on the traditional territories of the Coast Salish and Nlaka’pamux Nations. Our team of 43,000 staff, medical staff and volunteers is dedicated to serving our patients, families and communities to deliver on our vision: Better health, best in health care.

 

We have an exciting Full Time opportunity for a Cloud Security Architect to join our rapidly growing Information Security Team.

 

The Cloud Security Architect will provide technical leadership, design, implementation, integration, and oversight of the organizations cloud-based security solutions and systems, with an emphasis on securely facilitating business operations.

 

Fraser Health in in the process of maturing its security posture and is searching for an individual who can build and operate a holistic cloud security practice. This opportunity goes beyond the technical details of secure cloud implementations and supporting how Fraser Health can be strategic in its adoption of cloud services.

 

Effective October 26th, 2021, all new hires to Fraser Health will need to have full COVID 19 vaccination (have received a full series of a World Health Organization “WHO” approved vaccine against infection by SARS-COV-2, or a combination of approved WHO vaccines). Please note this applies to all postings, and individual medical exemptions must be approved by the Provincial Health Officer.

 

Build on your education and career experience as you:

• Build a cloud security practice within the information security team.
• Provide oversight on security architecture methodologies and best practices in the implementation of building or buying cloud solutions.
• Develop and maintain security architecture models
• Provide mentoring, advice and guidance to other security architects, projects and clinical & business stakeholders on where security can address their needs.
• Create a cloud security plan for staff.
• Support the creation of a security structure that operates and manages our cloud presence across multiple providers.
• Provide cloud security expertise in parallel with building the cloud program.

Supporting the Vision, Values, Purpose and Commitments of Fraser Health including service delivery that is centered around patients/clients/residents and families:

Collaborates with internal and external stakeholders on key information security technologies at Fraser Health (FH); acts as a key resource and subject matter expert on information security policies, practices and standards; develops, implements, evaluates and manages internal and corporate information security policies, procedures and processes; undertakes a lead role in the delivery and development of information security and risk-related audits; monitors information security tracking systems, network and access controls and compliance systems throughout FH; assists management and staff to ensure information security is considered in the design and/or redesign of programs, services, projects and initiatives within FH; investigates information security incidents and provides information security training, education and awareness to staff and other internal and external stakeholders.

1. Develops, assesses, implements, manages and provides recommendations on information security policies, procedures and processes; prepares reports, papers, updates and information security briefings for presentations to internal and external stakeholders; reviews, evaluates and provides recommendations on related information security policies and processes consistent with established FH policies.


2. Designs, implements and maintains enterprise security solutions and access controls to ensure compliance with security procedures, policies, professional standards and related legislation; provides monitoring, auditing and investigation expertise into security, policy and appropriate use violations.


3. Collaborates with teams within the IM/IT in leading the security vision and implementing strategy on security architectures of applications, programs and innovative initiatives.


4. Develops specifications for information security systems to operate on a local and wide area network system by gathering information from stakeholders and support vendors, develops and documents systems and procedures and prepares implementation plans.


5. Investigates and reviews information security incidents and/or violations of a sensitive nature that have varied implications including the potential for recommending disciplinary action or penalties for staff and third party vendors in breach of corporate policies and procedures.


6. Provides expert technical advice and consultation to internal and external stakeholders by performing analysis, providing recommendations for proposed information security technology changes and providing input into systems development for new technology, technology solutions and technology alternatives.


7. Collaborates with the Information Privacy department and other key stakeholders in promoting information security best practices by developing and assisting in the delivery of FH-wide security education and training materials to staff, internal and external stakeholders.


8. Participates in information security, vulnerability and risk assessments related to the security features of the information systems, networks and relayed administrative activities; recommends mitigation strategies, where applicable.


9. Analyzes complex information through acute problem solving in order to manage and investigate security incidents; develops reports, action plans and response communication on mitigation strategies; assists and supports the provincial e-Health programs and initiatives in security and privacy compliance.


10. Participates in the development of information security technology solutions to align with industry and FH information security standards; evaluates and recommends third party solutions, where applicable.


11. Acts as project leader on assigned security-related projects by developing project plans and charters, identifying major project milestones, associated tasks and timelines, managing deliverables and evaluating project outcomes.


12. Develops annual goals and objectives for the area of responsiblity,  in collaboration with the Director, ensuring alignment with department plans, organizational objectives and strategies.


13. Maintains current awareness of global security trends and changes by monitoring federal and provincial initiatives, conducts industry comparisons and attends seminars and workshops.

Education and Experience

Bachelor's degree in Computer Science, or a related field supplemented with five (5) years' recent related experience in an information security role in a large complex multi-site organization including completion of cybersecurity certification such as Certified Information Systems Professional (CISSP) program or related SANS/GIAC security certifications, or an equivalent combination of education, training and experience.

Competencies

Demonstrates the leadership practices of the Fraser Health Leadership Framework of Clear, Caring and Courageous and creates the conditions for people to succeed.

Professional/Technical Capabilities:

• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.


• Knowledge of information security issues as it relates to web-based applications


• Working knowledge of vulnerability assessment tools including VPN technologies


• Knowledge of security architecture concepts for enterprise solutions including technical design, concepts and methodology


• Working knowledge of threat risk analysis as it relates to information security risk assessments


• Demonstrated knowledge and understanding of core Microsoft and other software-based technologies and strategies


• Ability to plan, organize, prioritize and implement projects in a dynamic environment with changing priorities


• Ability to develop, implement and deliver education and training programs/initiatives


• Ability to operate related equipment including applicable software applications


• Physical ability to perform the duties of the position