Senior Information Security Architect

About The Position

Requirements

• Bachelor’s degree in Information Security or a related field, or an equivalent combination of education, training, and experience
• 5–7 years of progressive experience in information security leadership or management roles
• Minimum 2 years of experience in a healthcare environment, with a strong focus on cybersecurity
• Demonstrated experience in enterprise security architecture design and implementation
• Strong expertise in security architecture frameworks, principles, and governance
• Proven ability to align security strategies with business objectives
• Experience working in complex, enterprise-level environments
• Excellent leadership, communication, and stakeholder engagement skills
• Ability to influence, guide, and collaborate across technical and business teams
• A level of education, training and experience equivalent to a Bachelor's Degree in Information Security or related field.
• Five (5) to seven (7) years' experience in progressively more responsible information security leadership/management roles, including two (2) years' experience in a health services systems environment with a specific focus in Cybersecurity.
• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.
• Knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners.
• Knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017 and NIST SP 800-53.
• Knowledge of security architecture concepts for enterprise solutions including technical design, concepts and methodology
• Ability to be organized, goal-oriented, proactive, solution-oriented, pragmatic and the ability to understand the long-term and short-term perspectives.
• Diplomatic negotiation skills and the ability to influence. Understanding of and the ability to manage the political climate of the organization.
• Ability to provide input into project budget development, manage assigned dollars and estimate financial impact of application architecture alternatives.
• Demonstrated decision making ability within complex and diverse issues
• Physical ability to perform the duties of the position

Responsibilities

• Lead security architecture strategy by defining enterprise-wide principles, standards, and policies that guide architectural decisions
• Develop and implement short- and long-term security architecture roadmaps aligned with Fraser Health’s business objectives
• Translate business needs into secure architecture solutions, ensuring alignment between operational processes and cybersecurity requirements
• Collaborate with business leaders, partners, and subject matter experts to design and deliver secure, scalable solutions
• Design and oversee implementation of enterprise security architecture, ensuring consistency and effectiveness across systems and platforms
• Direct compliance efforts to ensure adherence to established security standards, frameworks, and best practices
• Provide expert guidance and leadership in cybersecurity design, risk management, and architectural governance
• Participates as a member of the Information Security leadership team and defines the principles that guide security architectural decisions for the enterprise and develops and implements security policies and standards related to architecture.
• Formulates strategies and plans for short-term and long-term security architecture that supports business needs.
• Translates business practices and processes into security architectures to enable delivery of appropriate solutions by ensuring alignment with business requirements and objectives, working with partners and leading subject matter experts in the design of solutions.
• Designs and coordinates the implementation of an enterprise-wide security architecture based on business requirements and strategies and then directs the activities associated with ensuring compliance with the security of the enterprise architecture.
• Coordinates technical planning for corporate large-scale systems initiatives, working closely with business units, functional area managers, senior HIIT, Clinical and architecture team members to define the goals, objectives and plans that direct systems security design and implementation activities.
• Oversees the research, design and integration of new and upgraded security technologies by monitoring and analyzing industry trends and best practices, design and system implementation standards, and project requirements all to ensure successful integration to Fraser Health's environment and the continued protection of Fraser Health information assets and infrastructure.
• Defines Security requirements, and provides expert research, analysis and advice, for Fraser Health strategic initiatives projects involvement information management and /or the deployment of information technology solutions ensuring alignment with I Health security policy, practices, legal and regulatory obligations.
• Assists in identifying security driven strategic opportunities and in formulating viable roadmaps for transitioning the business towards strategic outcomes.
• Develops annual goals and objectives for the area of responsibility, in collaboration with the leadership, ensuring consistency with department plans and authority objectives and strategies.
• Develops budgets, analyzes variances and develops corrective actions.
• Provides leadership and direction to team members using effective management techniques (for example, coaching, mentoring, developing skills and leadership, making decisions, building coalitions and managing performance). Recruits, selects, orients and trains new employees.
• Evaluates breach root causes, implements and recommends resolution strategies, and quality improvement opportunities and risk controls targeted at strengthening organizational, operational and technical controls.
• Provides expert guidance to staff at all levels of the organization and takes a lead role in ensuring information security is considered throughout the design or re-design of programs services and projects and initiatives.
• Provides technical consulting related to the acquisition of new systems and standards or the implementation of new applications on existing systems. In conjunction with senior staff or manager, leads contract negotiations with vendors.
• Initiates partnerships and effectively maintains critical internal linkages to ensure development of a consultative approach to mutual problem solving, enhancing communication, proactively anticipating and resolving issues and supporting the implementation of required changes.
• Researches, creates, compiles and evaluates security information management performance metrics. Completes reports including Briefing Notes and statistical reports on specific subjects such as breach management score cards, progress of the corporate security educational program within Fraser Health. Prepares and delivers presentations to key partners, management and staff.
• Performs other related duties as assigned.