Director, Cyber Security OperationsCyber Security Modernization
Burnaby, BC
In accordance with the Purpose, Vision, Values and Coast Salish Teachings, and strategic directions of PHSA, safety, including both patient and employee safety, is a priority and a responsibility shared by everyone at PHSA. As such, the requirement to continuously improve quality and safety is inherent in all aspects of this position.
The Provincial Health Services Authority (PHSA) plans, manages, and evaluates selected specialty and province-wide health care services across BC, working with the geographic health authorities to deliver technology solutions that improve the health of people living in BC. PHSA embodies values that reflect a commitment to excellence.
Reporting to the Senior Executive Director, Security for Provincial Digital and Health Information Systems (PDHIS), the Director acts as an interface between the Senior Executive Directors, strategic and governance-based activities, and the tactical work of the technology-focused analysts, engineers, and managers in their teams that provide services to PHSA, Vancouver Coastal Health (VCH), Providence Health Care (PHC), Fraser Health Authority (FHA), in addition to security services made available to other regional health organizations.
The Director provides reporting to the Senior Executive Director, Vancouver Coastal Health Authority, PHSA, and Providence Health Care (VPP) risk management program and PDHIS technology leads, and develops and implements long-term and short-term security strategies, policy developments, and operational requirements, including evaluation of services and capabilities, in relation to security strategies.
Specific Portfolios:
- Cyber Security Operations – Security Operations and Cyber Incident Response teams are responsible for overseeing the PHSA’s overall security operations with a specific focus on clinical systems, administrative systems, operational technologies (OT), information, data security, and network security. Security Operations teams will work closely with relevant teams to manage deployed security technologies across on-premises and cloud environments, and other asset focused security processes.
- Cyber Security Intelligence, Analytics & Monitoring – These teams are responsible for delivering Cyber Security threat detection capabilities and leveraging threat intelligence to proactively identify cyber events to maintain PHSA’s Cyber Security resiliency. Additionally, the Security Monitoring & Vulnerability Management teams work with adjacent Cyber Security teams to leverage technology to enable more efficient protect, detect, and respond processes. These teams are supported by the Security Operations and Incident Response team and broader PDHIS teams to respond to identified Cyber Security threats.
- Cyber Security Strategy, Assessment, & Awareness - The Compliance team develops and maintains security policy and standard documentation. The Assessment and Advisory Services team works closely with technology, security, and privacy teams across Vancouver Coastal Health Authority, PHSA, and Providence Health Care (VPP) to provide delivery of project-based and ongoing security assessment and advisory requirements. The Security Architecture team works closely with Enterprise Architecture teams to develop and maintain the organization’s security architecture artifacts that can be used by technology and security teams across supported organizations.
What you’ll do
- Negotiates and facilities consensus both internally across PDHIS and PHSA and externally including VCH, PHC, regional Health Organizations, MoH, as well as vendors, suppliers, and contractors, thereby managing the intersections of a complex mandate with various on-going initiatives.
- Implements and leads the effective tactical execution of the entire team’s strategic and capability roadmap, in consultation with organizational leadership.
- Promotes effective relationships across VPP organizations, FHA, and various internal and external groups and partner organizations including the MoH and other regional health authorities, by engaging vested parties.
- Partners with other business and Cyber Security leaders to direct PHSA’s strategy, ensure directional alignment and drive continual improvement.
- Develops and maintains the vision and service plan that supports the goals and strategies of PHSA, and other partner organizations served.
- Oversees the team’s operations and cyber risk reporting mandates to key vested parties.
- Administers the team’s delivery of periodic security audits to provide assurance for the security of systems and data.
- Develops and manages the operating budget, allocates resources, and supports the annual capital planning process. Monitors budget performance, planning and adjusting operations-and/or-staffing to meet projections and annual targets, approves expenditures and prepares summaries for fiscal reporting.
- Oversees and approves budget for direct reports.
- Manages and advances Cyber Security standards and policies to ensure continual effectiveness and alignment with relevant and emerging best practices.
- Ensures effective programs are in place to deliver and maintain a high level of security awareness among staff at all levels.
- Executes periodic security audits to provide assurance for the security of systems and data and ensures that the risks associated with security audit findings are adequately tracked from identification through remediation.
What you bring
Qualifications
- A level of education, training, and experience equivalent to a Master’s degree in Computing Science or related discipline and at least ten (10) years of recent, progressive experience in information security management roles.
- Excellent communication skills including the ability to facilitate, negotiate, and persuade others.
- Ability to respond to vested parties' needs supported by an acute awareness of actions' impact.
- Demonstrated ability to problem-solve with a global perspective in order to incorporate the organization’s systems and strategies when developing viable solutions to problems.
- Hold a valid CISSP, CISM or similar certification.
- Be results-oriented with highly developed leadership skills.
- Working knowledge of security frameworks such as NIST and CIS.
- Experience leading or performing Cyber Security assessments and familiarity with formal audit processes.
Skills & Knowledge
- Demonstrated knowledge and understanding of legislative obligations and provincial commitments found in the foundational documents - including Truth & Reconciliation Commission’s Calls to Action (2015), In Plain Sight (2020), BC's Declaration on the Rights of Indigenous Peoples Act (2019), United Nations Declaration on the Rights of Indigenous Peoples (UNDRIP), Reclaiming Power and Place Missing and Murdered Indigenous Women & Girls Calls for Justice (2019), the Declaration Act Action Plan and Remembering Keegan: A First Nations Case Study - and how they intersect across the health care system.
- Models and supports full team commitment to Indigenous-specific anti-racism, anti-racism and Indigenous Cultural Safety including oversight and commitment to education strategy.
- Collaborates with peers to ensure Indigenous-specific Anti-racism and ICSH are applied holistically through department as whole.
- Commitment to upholding the shared responsibility of creating lasting and meaningful reconciliation in Canada as per TRC (2015) and BC's Declaration on the Rights of Indigenous Peoples Act (2019).
- As a strong asset for consideration, we are looking for our successful candidate to have: Knowledge of social, economic, political and historical realities of settler colonialism on Indigenous Peoples and familiarity with addressing Indigenous-specific anti-racism, anti-racism and Indigenous Cultural Safety and foundational documents and legislative commitments (The Declaration Act, the Declaration Action Plan, TRC, IPS, Remembering Keegan, etc.).
What we bring
Every PHSA employee enables the best possible patient care for our patients and their families. Whether you are providing direct care, conducting research, or making it possible for others to do their work, you impact the lives of British Columbians today and in the future. That’s why we’re focused on your care too – offering health, wellness, development programs to support you – at work and at home.
- Join one of BC’s largest employers with province-wide programs, services and operations – offering opportunities for growth, development, and recognition programs that honour the commitment and contribution of all employees.
- Access to professional development opportunities through our in-house training programs, including +2,000 courses, such as our San’yas Indigenous Cultural Safety Training course, or Core Linx for Leadership roles.
- Enjoy a comprehensive benefits package, including municipal pension plan, and psychological health & safety programs and holistic wellness resources.
- Annual statutory holidays (13) with generous vacation entitlement and accruement.
- PHSA is a remote work friendly employer, welcoming flexible work options to support our people (eligibility may vary, depending on position).
- Access to WorkPerks, a premium discount program offering a wide range of local and national discounts on electronics, entertainment, dining, travel, wellness, apparel, and more.
Job Type: Regular, Full-Time
Salary Range: $141,146 - $202,898 /year. The starting salary for this position would be determined with consideration of the successful candidate’s relevant education and experience, and would be in alignment with the provincial compensation reference plan. Salary will be prorated accordingly for part time roles.
Location: 1795 Willingdon Ave, Burnaby, BC V5C 6E3
Closing date: Applications accepted until position is filled
Hours of Work: 0800-1600 (Monday to Friday)
Requisition # 172334E