DIRECTOR, INFORMATION SECURITY & DATA STEWARDSHIP

This is a remote position.

Requirements

• Extensive experience conducting STRAs for healthcare environments, preferably within BC’s health sector.
  
• Familiarity with Ministry of Health security policies, standards, and risk assessment frameworks.
  

• Understanding of clinical and diagnostic systems, particularly in Interventional Cath Labs and Radiology.
  
• Experience assessing security risks in integrated hospital environments and electronic health record (EHR) systems.
  

• Strong grasp of BC privacy legislation (e.g., FIPPA) and healthcare security compliance requirements.
  
• Knowledge of security best practices for medical device connectivity and data protection.
  

• Experience with network security, application security, and third-party risk management.
  
• Ability to analyze system architectures, data flows, and security controls.
  

• Ability to work within tight project timelines and collaborate with multiple stakeholders.
  

• Strong ability to document security findings, risk assessments, and mitigation strategies in a clear and actionable manner.
  
• Effective communication skills to present risk findings and recommendations to both technical and non-technical audiences.
  

• Performing STRAs to assess security risks and compliance requirements.
  
• Identifying vulnerabilities and recommending mitigation strategies.
  
• Collaborating with internal security, clinical, and IT teams to ensure alignment with security policies and regulatory standards.
  
• Documenting findings and providing detailed reports to support risk-informed decision-making.
  
• Supporting the project team in addressing security concerns throughout the implementation timeline.