In accordance with the Vision, Purpose, and Values, and strategic direction of the Vancouver Island Health Authority (Island Health) patient and staff safety is a priority and a responsibility shared by everyone; as such, the requirement to continuously improve quality and safety is inherent in all aspects of this position.
Reporting to the Manager, IM/IT Security, the Specialist, Information Management/Information Technology (IM/IT) Security works as a subject matter expert and lead resource in reviewing existing and proposed computer-based application and data access services. Works within IM/IT and with other VIHA business areas to ensure processes and practices support organizational information security policies and standards.
Responsible for monitoring and tracking use of VIHA data processing infrastructure, conducting investigations and resolving electronic data processing security-related incidents. Recommends and implements security processes, technologies and access methods that align with industry security standards and support the secure, uninterrupted operation of all VIHA technology services.
The Specialist, IM/IT Security deals with sensitive and critical situations and provides training and education to IM/IT and other staff on VIHA security procedures, policies and standards.
Education, Training And Experience
A level of education, training and experience equivalent to a Bachelor's degree in Computer Science and five years' experience in a large information technology services environment.
Skills And Abilities
Good working knowledge of IM/IT security principles, management, tools and procedures.
Comprehensive knowledge of core security technologies including firewalls, anti-virus, intrusion detection/prevention, monitoring'/reporting.
Recent relevant experience working with Windows desktop and server technologies in a large information technology environment required.
Good working knowledge of networking concepts and technologies.
Knowledge of FIPPA, ISO 27002 and the BC Government Information Security Policy preferred.
Active CISSP, SANS GIAC, or Security + certification and healthcare experience preferred.
Advanced understanding of information security, governance and eHealth practices and trends, related legislation and requirements, provincial eHealth and clinical information systems.
Solid understanding of information security principles and controls to support risk management identification in electronic systems.
Ability to problem solve with a global perspective in order to incorporate the organization's systems and strategies when developing viable solutions to problems.
Ability to establish and maintain effective partnerships with a variety of stakeholders while exercising maturity, tact, confidentiality and discretion.
Ability to function in a highly dynamic environment, including working under pressure, adapting and responding to changing priorities and meeting deadlines.
Ability to keep skill set up-to-date with new technologies as they are introduced to the workplace.
Excellent facilitation, coaching, conflict management, planning and interpersonal skills, with the capability of providing leadership and interacting comfortably with a variety of disciplines at all levels of the organization.
Ability to assess complex situations and make appropriate recommendations.
Excellent written and oral communication skills coupled with the ability to write or edit high quality business documents.
Ability to utilize both analytical skills and conceptual thinking to identify and resolve issues.
Ability to work independently and effectively under time pressure to meet deadlines, balance work priorities and resolve issues appropriately.
Demonstrated superior organizational, time management , listening and recording skills.
Use of a personal vehicle to travel between multiple sites.
Physical ability to perform the duties of the job.