Cybersecurity Lead
Vancouver, WA, United States
Primary site: Hornby - 1190 Hornby Vancouver, British Columbia V6Z2J5 Canada
PHC Multi-Site: Hornby
LMC Multi-Site:
Categories: Management/Non Union
Min Hourly: 54.16 CAD
Max Hourly: 77.86 CAD
Salary grade: 09
Employment type: Regular Full-Time
Rotation: Days
FTE: 1.00
Schedule:
Union: 970
Labour agreement: EXCL
As per the current Public Health Orders (Long Term Care/Seniors Assisted Living Provincial Health Order and the Health Sector Order), as of October 26, 2021, all employees working for Providence Health Care must be fully vaccinated against COVID-19. Proof of vaccination status will be required.
What You Will Do Summary Reporting to the Director of Advanced Data & Cloud Technology, the Cybersecurity Lead is responsible for safeguarding our organization's digital assets and ensuring compliance with relevant data security regulations, policies, and procedures. The Cybersecurity Lead plays a crucial role in developing, implementing, and maintaining robust cybersecurity measures to protect sensitive information. What You Will Do Summary Reporting to the Director of Advanced Data & Cloud Technology, the Cybersecurity Lead is responsible for safeguarding our organization's digital assets and ensuring compliance with relevant data security regulations, policies, and procedures. The Cybersecurity Lead plays a crucial role in developing, implementing, and maintaining robust cybersecurity measures to protect sensitive information.
These duties apply to information systems under direct PHC management, but also information systems which are operated under shared management with other organizations. In the latter case, this role acts as a liaison, work in partnership with counterparts at the other organizations to implement the commonly agreed approach. In particular, the role works closely with Provincial Digital Health and Information Services (PDHIS), including their Information Security staff.
What You Bring Education, Training and Experience What You Bring Education, Training and Experience
Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; seven (7) years’ experience securing information systems, preferably in the Health Care context, or an equivalent combination of education, training and experience.
Experience in the following areas is also required:
Managing cybersecurity operations, including threat detection, incident response, and vulnerability management.
Development and implementation of cybersecurity policies, procedures, and best practices.
Hands-on interaction with of SaaS, PaaS, and IaaS providers (preferably Amazon and Microsoft), providing guidance on secure system and service configuration.
Security technologies such as firewalls, IDS/IPS, SIEM, DLP, endpoint protection, and encryption.
Familiarity with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
Conducting security audits, risk assessments, and compliance assessments.
Working within multi-disciplinary teams, including those involving representatives from different organizations.
Skills and Abilities
Strong understanding of networking and system administration.
Strong analytical and problem-solving skills.
Demonstrably excellent communication and interpersonal skills, with the ability to communicate technical concepts to non-technical peers and leaders.
Knowledge of current cybersecurity trends, threats, and best practices.
Change management processes and project management methodologies (including Agile).
Familiarity with DevOps and SecDevOps processes and techniques.
Demonstrated ability in building and maintaining effective working relationships with business leaders, peers, users and partners to align activities into overall strategic objectives.
Demonstrated ability to exercise sound judgment, critical thinking and effective decision-making.
Demonstrated ability to respond to changing priorities and unforeseen circumstances.
Physical ability to perform the duties of the job.
Other Desirable Attributes
Professional certifications such as CRISC, TOGAF, CISSP, CISM, CISA, SABSA, ITIL, CompTIA Security+, GSEC or equivalent.
Knowledge and experience with NIST CSF-RMF, ISO 27001/2, and COBIT.
What We Offer Policies and Procedures: Develop, maintain, and implement comprehensive PHC-specific cybersecurity policies and procedures tailored to the healthcare delivery, ensuring alignment with broader PHSA/PDHIS policies and procedures and compliance with relevant regulations such as PIPEDA. What We Offer Policies and Procedures: Develop, maintain, and implement comprehensive PHC-specific cybersecurity policies and procedures tailored to the healthcare delivery, ensuring alignment with broader PHSA/PDHIS policies and procedures and compliance with relevant regulations such as PIPEDA.
Threat Identification & Avoidance: In coordination with counterparts at PDHIS, lead and oversee security threat and risk assessment (STRA) activities, vulnerability scans/assessments, penetration testing, and security audits to identify and direct necessary adjustments to mitigate potential threats and vulnerabilities in PHC IT infrastructure.
Response Preparedness & Execution: Establish and maintain PHC-specific incident response plans and protocols that interface as needed with broader PDHIS standard operating procedures so as to effectively address and contain cybersecurity incidents, minimizing their impact on patient data and critical systems.
System Compliance: Determines systems compliance based on security profile. Negotiates selection and/or decommissioning of systems that are no longer secure, provides resolution how data will be transitioned, and processes replaced. Identifies the effects to PHC systems by VPP wide security changes or policies. Requests training and resources to address PHC system needs.
Staff Awareness & Education: Provide guidance and training to staff members on cybersecurity best practices, promoting a culture of security awareness throughout the organization.
Continuous Learning & Adaption: Collaborate with IT teams, healthcare professionals, and external partners to stay updated on emerging threats and technologies, and to continuously improve PHC’s cybersecurity posture.
Other Duties: Performs other related duties as required.
#J-18808-Ljbffr