In accordance with the Vision, Purpose, and Values, and strategic direction of the Vancouver Island Health Authority, patient safety is a priority and a responsibility shared by everyone at VIHA; as such, the requirement to continuously improve quality and safety is inherent in all aspects of this position.
Reporting to the Senior Manager, Security Advisory Services, the Senior Information Security Specialist is a subject matter expert in information security standards, practices, industry trends and technologies. This position understands and anticipates information security and information management trends that could affect both local as well as cross-health sector initiatives and develops strategies and work plans to ensure the organization remains current and operates in accordance with legislative and other regulatory obligations. Functions as a lead resource in the development of tools and processes for assessing the organizational security risks associated with the deployment of information technologies.
Responsible for leading and conducting investigations, resolving security-related incidents, designing and implementing security related processes and practices across the organization.
Travel may be a requirement of this position. Transportation arrangements must meet the operational requirements of Island Health in accordance with the service assignment and may require the use of a personal vehicle.
Education, Training, and Experience
A level of education, training and experience equivalent to a Bachelor's degree in Computer Science and at least seven (7) years' experience in a large information technology services environment. Active CISSP, CCSP, CISM, SANS GIAC, or Security + certification with healthcare experience preferred.
Skills and Abilities
- Advanced understanding of information security, governance and eHealth practices and trends, related legislation and requirements, provincial eHealth and clinical information systems.
- Demonstrated understanding of information security principles and controls to support risk management identification in electronic systems
- Demonstrated ability to review and assess complex information systems architectures, designs and control specifications, assess such design for compliance and risk, and communicate effectively with senior management and executives where such designs fail to meet legal and regulatory requirements or where the level of associated risk exceeds organizational risk tolerance.
- Comprehensive knowledge of networking concepts and core security technologies including firewalls, anti-virus, intrusion detection/prevention, monitoring/reporting.
- Knowledge of FIPPA, ISO 27002, ISO 27017, and the BC Government Information Security Policy preferred.
- Demonstrated ability to problem solve with a global perspective in order to incorporate the organization's systems and strategies when developing viable solutions to problems
- Demonstrated ability to establish and maintain effective partnerships with a variety of stakeholders while exercising maturity, tact, confidentiality and discretion
- Demonstrated ability to function in a highly dynamic environment, including working under pressure, adapting and responding to changing priorities and meeting deadlines
- Excellent facilitation, coaching, conflict management, planning and interpersonal skills, with the capability of providing leadership and interacting comfortably with a variety of disciplines at all levels of the organization
- Demonstrated ability to assess complex situations and make appropriate recommendations
- Excellent written and oral communication skills coupled with the ability to write or edit high quality business documents
- Demonstrated ability to utilize both analytical skills and conceptual thinking to identify and resolve issues.
- Demonstrated ability to work independently and effectively under time pressure to meet deadlines, balance work priorities and resolve issues appropriately
- Demonstrated superior organizational, time management, listening and recording skills
- Physical ability to perform the duties of the job.
Vaccination Notification: To keep our employees, clients and the communities we serve safe, Island Health is enforcing an employee mandatory vaccination policy which is intended to prevent the transmission of COVID-19. As such, Island Health requires Proof of BC Provincial Immunization Registration as a condition of employment, and any offers of employment are contingent on you providing proof of vaccination prior to commencement of the offered effective date. If an offer of employment is extended, but proof of vaccination is not provided, the offer will be rescinded.