Reference # JG-18500
Meridia Recruitment Solutions has partnered with Nova Scotia Health, who provide health services in hospitals, health centres and community-based programs throughout Nova Scotia, to recruit for their Director, Cyber Security and Risk in Nova Scotia.
Nova Scotia Health and IWK Health provide sustainable safe and high-quality health care which is accessible, people-centered, promotes health and wellness and optimizes the health of all Nova Scotians. This is accomplished through the operation of acute care health centres and the provision of a variety of inpatient and community-based programs and services including mental health and addictions, primary health care, public health and continuing care.
Role Description:
The Director, Cyber Security and Risk reports to the Chief Information Officer (CIO), IM/IT, and is responsible for the information security, and IT risk functions for Nova Scotia Health and IWK Health, setting the direction for information security and IT risk and implementing the target operating model(s) and security strategy. This role is responsible for the successful execution of the IT risk and IT security remediation roadmap, as well as making strategic decisions as challenges arise and changes occur in Nova Scotia’s Digital Health threat landscape. The Director, Cyber Security and Risk will lead the group’s resource management, financial planning, and budget management in partnership with HR, Finance, and Business Management.
The Director reports to the, CIO, and is responsible for the information security function for Nova Scotia Health and IWK Health, setting the direction for information security and implementing the target operating model and security strategy in partnership with Cyber Security and Digital Solutions (CSDS) Nova Scotia.
The Director must have a strong understanding of:
- Cyber Security strategy & roadmap development;
- Security architecture;
- Cyber Security organization & sourcing;
- Cyber Security & IT risk frameworks (specifically NIST and COBIT, ITIL would be an asset);
- People management;
- Financial budgeting and forecasting.
The Director will also be responsible for Board and Executive level updates and communications and be able to distill highly technical information to an appropriate level for non-technical audiences.
Your responsibilities will include:
- Determining the optimal approach for leveraging and aligning to provincial information security policies, procedures and standards.
- Determining relevant metrics, key performance indicators (KPIs) and key risk indicators (KRIs) that need to be tracked and reported periodically between control owners, stakeholders (internal and external), security governance committees, internal audit and senior management to provide transparency into Nova Scotia Health’s and IWK Health’s risk posture.
- Setting up and managing contractual relationships with third parties that are responsible for providing managed security services. Includes third party contracts and memorandums of understanding/operating agreements with Province of Nova Scotia departments.
- Designing an information security framework to translate applicable requirements into a unified set of controls to manage information security efforts. Includes selecting relevant information security standards and combining all relevant information security requirements to simplify the management of security controls.
- Advises the CIO, with respect to overall information security reporting, KPI development, COBIT framework implementation, IT risk management, financial planning, and performance measurement at a program/service level
- Establishes and maintains relationships and partnerships including with CSDS, clinical, academic, government, research, foundations, and other system partners to inform decision making on communication tools and services.
- Communicates and discusses guidelines and procedures with section heads to ensure responsibilities, authorities and accountabilities are defined and understood.
- Leads a healthy, safe, diverse, and respectful workplace by championing and practicing sound human resources management by attracting, recruiting and retaining high caliber talent.
- Leads a fiscally responsible department by following sound budget management.
- Supports the CIO in developing and implementing IM/IT strategies.
Your Qualifications:
- Minimum of 5 to 7 years’ leadership experience in an organization of significant size and/or complexity
- Strong knowledge of information and Cyber Security frameworks, controls, and best practices
- Strong knowledge of risk management principles
- Strong understanding of the COBIT 2019 IT governance framework
- Strong analytical, organizational and problem-solving skills with the ability to multi-task to meet tight deadlines
- Understanding of IT tools and processes (eg: ITIL change management)
- Ability to execute through effective delegation, motivation, and oversight
- Experience in data analytics for decision support
- Ability to prioritize and meet deadlines
- Demonstrable management experience in both direct report teams as well as staff with indirect accountabilities to other operational units
- Ability to develop and establish financial policies and procedures
- Excellent verbal, written communication, and influencing skills
To express interest in this opportunity, please click on the "Apply Now" button below.
For more information contact Jamie Grant, Partner at 902-420-1809 or Brooke Ireland, Senior Consultant at 902-421-1214. If you require accommodation to participate in the recruitment process, please let Brooke know.
Meridia Recruitment Solutions connects leading organizations with top talent by building strong relationships and creating ideal matches with candidates because we are only successful when you are. We appreciate your interest in this opportunity.
To learn more about Meridia Recruitment Solutions, our job opportunities, and career advice we invite you to explore our site and subscribe for career alerts.
