Interior Health is looking for a permanent full time Information Security Architect to join our Information Management & Information Technology team at our office in Kelowna.
About the Role:
The Information Security Architect plays a key role in assisting Interior Health (IH) departments and staff with security compliance by providing initial intake, assessment, and prioritization of requests for IMIT Information Security Services and/or events requiring incident response prioritizing based on risk and urgency, ensuring that work activities are logged and tracked and that higher priority events are appropriately escalated. The Information Security Architect secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
The Information Security Architect will understand all the factors that make up an infrastructure security posture, including security operations, technical configurations, business needs and industry best practices, and apply these factors to ensure IHA has a sound information security ecosystem. The position also helps coordinate investigations for security-related incidents and policy violations as well as participates as a key member of an integrated breach response team. The Information Security Architect deals with sensitive and critical situations and provides training and education on IH's security procedures, policies, and standards at all levels of the organization.
Some Key Duties may include:
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues.
• Develops, assesses, implements, manages and recommends security policies, procedures and processes, including the preparation of reports, updates and briefings for presentations.
• Develops specifications for security systems by gathering information from stakeholders and support vendors, developing and documenting systems and procedures and preparing implementation plans.
• Provides technical advice and consultation by performing analysis, formulating recommendations for proposed technology changes, and providing input into systems development for new technology.
• Conducts information security investigations and performs breach management activities utilizing approved processes and techniques to conduct electronic audits, review security logs, and gather forensic evidence.
• Participates in security, vulnerability, and risk assessments related to the information security features of the systems, networks, and related administrative activities; recommends mitigation strategies where necessary.
• In collaboration with other Information Privacy and Security personnel, promotes security best practices by developing and assisting in the delivery of corporate-wide security education and training materials to staff, physicians, clinicians, management, and external customers.
• Assists in the delivery of Information Privacy and Security training programs and initiatives.
• Assists in the support of provincial eHealth programs and initiatives that require privacy and security compliance.
• Actively participates on internal and external committees as required.
• Performs other duties as assigned.
Make a difference. Love your work. Apply today! Interior Health strives to create an environment where you enjoy the work you do, the place where you work, and the people around you. Together, we create great workplaces....Be part of a dynamic team!
Education, Training, and Experience:
• Graduation from a recognized degree program in Computer Science, plus five (5) to seven (7) years of recent, related experience working with Windows desktop and server technologies in a large, enterprise, public sector and/or health care environment, or an equivalent combination of education, training, and experience.
• Preferred completion of the Certified Information Systems Security Professional (CISSP) or other recognized information security certification.
• Comprehensive knowledge of information security principles, standards, best practices, and industry trends.
Click To Apply Here