Senior Information Security Architect

Salary

The salary range for this position is CAD $55.25 - $79.42 / hour Job Summary

Fraser Health is seeking a strategic and experienced Senior Information Security Architect to join our Digital Technology Services team. This leadership role is critical in shaping and advancing the organization’s enterprise security architecture to support a complex and evolving healthcare environment.

As a key member of the Information Security leadership team, you will define and guide security architecture principles, ensuring alignment with business priorities while safeguarding critical systems, data, and infrastructure.

Lead the organization's security threat management program by identifying, assessing, and prioritizing emerging cyber threats and vulnerabilities, and translating threat intelligence into actionable security strategies and architectural controls. Provide technical leadership and guidance for the design, implementation, and continuous improvement of security solutions across enterprise, cloud, application, and operational environments. Partner with technology and business teams to ensure security requirements are effectively integrated into projects and operational initiatives, while supporting incident response activities, risk mitigation efforts, and the advancement of the organization's overall cybersecurity posture.

Key Responsibilities

• Lead security architecture strategy by defining enterprise-wide principles, standards, and policies that guide architectural decisions
• Develop and implement short- and long-term security architecture roadmaps aligned with Fraser Health’s business objectives
• Translate business needs into secure architecture solutions , ensuring alignment between operational processes and cybersecurity requirements
• Collaborate with business leaders, partners, and subject matter experts to design and deliver secure, scalable solutions
• Design and oversee implementation of enterprise security architecture , ensuring consistency and effectiveness across systems and platforms
• Direct compliance efforts to ensure adherence to established security standards, frameworks, and best practices
• Provide expert guidance and leadership in cybersecurity design, risk management, and architectural governance

Qualifications

• Bachelor’s degree in Information Security or a related field, or an equivalent combination of education, training, and experience
• 5–7 years of progressive experience in information security leadership or management roles
• Minimum 2 years of experience in a healthcare environment , with a strong focus on cybersecurity
• Demonstrated experience in enterprise security architecture design and implementation

What We’re Looking For

• Strong expertise in security architecture frameworks, principles, and governance
• Proven ability to align security strategies with business objectives
• Experience working in complex, enterprise-level environments
• Excellent leadership, communication, and stakeholder engagement skills
• Ability to influence, guide, and collaborate across technical and business teams

BC’s health system is in the process of transformation. As part of the planned changes, certain IM/IT, Finance, and Supply Chain roles are expected to be in scope for transition to a new provincial shared services organization, BC Shared Health Services. Candidates applying to positions in these areas should be aware that, while the role is currently employed by the Health Authority, it may transition to BC Shared Health Services as part of the first or subsequent implementation phases. The intent of this transition is to support continuity of employment however, details regarding timing, process, and any impacts to employment arrangements will be confirmed as planning progresses. Providing this information at the recruitment stage is intended to ensure transparency about the broader system changes underway and to support informed decision-making by candidates.

#LI-DNI

Detailed Overview

Supporting the Vision, Values, Purpose and Commitments of Fraser Health including service delivery that is centered around patients/clients/residents and families:

The Senior Information Security Architect is responsible for leading and managing assigned projects, providing leadership to team members and applying appropriate change management strategies as part of a project. Provides advice, guidance, and direction to an assigned portfolio including the development and implementation of security architecture. Collaborates with internal and external partners on key information security technologies at Fraser Health (FH); acts as a key resource and subject matter expert on information security policies, practices and standards; develops, implements, evaluates and manages internal and corporate information security policies, procedures and processes; undertakes a lead role in the delivery and development of information security and risk-related audits; monitors information security tracking systems, network and access controls and compliance systems throughout FH; assists management and staff to ensure information security is considered in the design and/or redesign of programs, services, projects and initiatives within FH; investigates information security incidents and provides information security training, education and awareness to staff and other internal and external partners.

Responsibilities

• Participates as a member of the Information Security leadership team and defines the principles that guide security architectural decisions for the enterprise and develops and implements security policies and standards related to architecture. Formulates strategies and plans for short-term and long-term security architecture that supports business needs.
• Translates business practices and processes into security architectures to enable delivery of appropriate solutions by ensuring alignment with business requirements and objectives, working with partners and leading subject matter experts in the design of solutions.
• Designs and coordinates the implementation of an enterprise-wide security architecture based on business requirements and strategies and then directs the activities associated with ensuring compliance with the security of the enterprise architecture.
• Coordinates technical planning for corporate large-scale systems initiatives, working closely with business units, functional area managers, senior HIIT, Clinical and architecture team members to define the goals, objectives and plans that direct systems security design and implementation activities.
• Oversees the research, design and integration of new and upgraded security technologies by monitoring and analyzing industry trends and best practices, design and system implementation standards, and project requirements all to ensure successful integration to Fraser Health's environment and the continued protection of Fraser Health information assets and infrastructure.
• Defines Security requirements, and provides expert research, analysis and advice, for Fraser Health strategic initiatives projects involvement information management and /or the deployment of information technology solutions ensuring alignment with I Health security policy, practices, legal and regulatory obligations.
• Assists in identifying security driven strategic opportunities and in formulating viable roadmaps for transitioning the business towards strategic outcomes.
• Develops annual goals and objectives for the area of responsibility, in collaboration with the leadership, ensuring consistency with department plans and authority objectives and strategies.
• Develops budgets, analyzes variances and develops corrective actions.
• Provides leadership and direction to team members using effective management techniques (for example, coaching, mentoring, developing skills and leadership, making decisions, building coalitions and managing performance). Recruits, selects, orients and trains new employees.
• Evaluates breach root causes, implements and recommends resolution strategies, and quality improvement opportunities and risk controls targeted at strengthening organizational, operational and technical controls.
• Provides expert guidance to staff at all levels of the organization and takes a lead role in ensuring information security is considered throughout the design or re-design of programs services and projects and initiatives.
• Provides technical consulting related to the acquisition of new systems and standards or the implementation of new applications on existing systems. In conjunction with senior staff or manager, leads contract negotiations with vendors.
• Initiates partnerships and effectively maintains critical internal linkages to ensure development of a consultative approach to mutual problem solving, enhancing communication, proactively anticipating and resolving issues and supporting the implementation of required changes.
• Researches, creates, compiles and evaluates security information management performance metrics. Completes reports including Briefing Notes and statistical reports on specific subjects such as breach management score cards, progress of the corporate security educational program within Fraser Health. Prepares and delivers presentations to key partners, management and staff.
• Performs other related duties as assigned.

Qualifications

A level of education, training and experience equivalent to a Bachelor's Degree in Information Security or related field. Five (5) to seven (7) years' experience in progressively more responsible information security leadership/management roles, including two (2) years' experience in a health services systems environment with a specific focus in Cybersecurity.

COMPETENCIES

Demonstrates the LEADS capabilities of Leads Self, Engages Others, Achieves Results, Develops Coalitions and supports Systems Transformation.

Professional/Technical Capabilities

• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.
• Knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners.
• Knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017 and NIST SP 800-53.
• Knowledge of security architecture concepts for enterprise solutions including technical design, concepts and methodology
• Ability to be organized, goal-oriented, proactive, solution-oriented, pragmatic and the ability to understand the long-term and short-term perspectives.
• Diplomatic negotiation skills and the ability to influence. Understanding of and the ability to manage the political climate of the organization.
• Ability to provide input into project budget development, manage assigned dollars and estimate financial impact of application architecture alternatives.
• Demonstrated decision making ability within complex and diverse issues
• Physical ability to perform the duties of the position

About Fraser Health

Fraser Health is the heart of health care for over two million people in Metro Vancouver and the Fraser Valley in British Columbia, Canada, on the traditional, ancestral and unceded lands of the Coast Salish and Nlaka’pamux Nations and is home to 32 First Nations within the Fraser Salish region.

People - those we care for and those who care for them - are at the heart of everything we do. Our hospital and community-based services are delivered by a team of 50,000+ staff, medical staff and volunteers.

We are committed to planetary health and value diversity in the work force. We strive to maintain an environment of respect, caring and trust. Fraser Health’s hiring practices aspire to ensure all individuals are treated in an inclusive, equitable and culturally safe manner.

Together, we are the heart of health care.

Instagram | Facebook | LinkedIn | X | Indeed | Glassdoor

IMPORTANT: Recruitment scam warning Please be on alert for recruitment scams. We are aware of several scams targeting individuals by falsely claiming to represent Fraser Health. Always take precautions when sharing personal details with unverified sources. Please note that we will never ask for money or payment, nor ask you to download or install an app at any point during our recruitment process.

• Participates as a member of the Information Security leadership team and defines the principles that guide security architectural decisions for the enterprise and develops and implements security policies and standards related to architecture. Formulates strategies and plans for short-term and long-term security architecture that supports business needs.
• Translates business practices and processes into security architectures to enable delivery of appropriate solutions by ensuring alignment with business requirements and objectives, working with partners and leading subject matter experts in the design of solutions.
• Designs and coordinates the implementation of an enterprise-wide security architecture based on business requirements and strategies and then directs the activities associated with ensuring compliance with the security of the enterprise architecture.
• Coordinates technical planning for corporate large-scale systems initiatives, working closely with business units, functional area managers, senior HIIT, Clinical and architecture team members to define the goals, objectives and plans that direct systems security design and implementation activities.
• Oversees the research, design and integration of new and upgraded security technologies by monitoring and analyzing industry trends and best practices, design and system implementation standards, and project requirements all to ensure successful integration to Fraser Health's environment and the continued protection of Fraser Health information assets and infrastructure.
• Defines Security requirements, and provides expert research, analysis and advice, for Fraser Health strategic initiatives projects involvement information management and /or the deployment of information technology solutions ensuring alignment with I Health security policy, practices, legal and regulatory obligations.
• Assists in identifying security driven strategic opportunities and in formulating viable roadmaps for transitioning the business towards strategic outcomes.
• Develops annual goals and objectives for the area of responsibility, in collaboration with the leadership, ensuring consistency with department plans and authority objectives and strategies.
• Develops budgets, analyzes variances and develops corrective actions.
• Provides leadership and direction to team members using effective management techniques (for example, coaching, mentoring, developing skills and leadership, making decisions, building coalitions and managing performance). Recruits, selects, orients and trains new employees.
• Evaluates breach root causes, implements and recommends resolution strategies, and quality improvement opportunities and risk controls targeted at strengthening organizational, operational and technical controls.
• Provides expert guidance to staff at all levels of the organization and takes a lead role in ensuring information security is considered throughout the design or re-design of programs services and projects and initiatives.
• Provides technical consulting related to the acquisition of new systems and standards or the implementation of new applications on existing systems. In conjunction with senior staff or manager, leads contract negotiations with vendors.
• Initiates partnerships and effectively maintains critical internal linkages to ensure development of a consultative approach to mutual problem solving, enhancing communication, proactively anticipating and resolving issues and supporting the implementation of required changes.
• Researches, creates, compiles and evaluates security information management performance metrics. Completes reports including Briefing Notes and statistical reports on specific subjects such as breach management score cards, progress of the corporate security educational program within Fraser Health. Prepares and delivers presentations to key partners, management and staff.
• Performs other related duties as assigned.

A level of education, training and experience equivalent to a Bachelor's Degree in Information Security or related field. Five (5) to seven (7) years' experience in progressively more responsible information security leadership/management roles, including two (2) years' experience in a health services systems environment with a specific focus in Cybersecurity.

COMPETENCIES

Demonstrates the LEADS capabilities of Leads Self, Engages Others, Achieves Results, Develops Coalitions and supports Systems Transformation.

Professional/Technical Capabilities

• Extensive knowledge of information security principles, frameworks, standards, best practices, and industry trends.
• Knowledge of security technologies such as Cloud Security, Risk Assessment, Security Incident and Event Management (SIEM) and Vulnerability Scanners.
• Knowledge of information security principles and standards including ISO 27001/27002, NIST Cybersecurity Framework, ISO 27017 and NIST SP 800-53.
• Knowledge of security architecture concepts for enterprise solutions including technical design, concepts and methodology
• Ability to be organized, goal-oriented, proactive, solution-oriented, pragmatic and the ability to understand the long-term and short-term perspectives.
• Diplomatic negotiation skills and the ability to influence. Understanding of and the ability to manage the political climate of the organization.
• Ability to provide input into project budget development, manage assigned dollars and estimate financial impact of application architecture alternatives.
• Demonstrated decision making ability within complex and diverse issues
• Physical ability to perform the duties of the position