Director, Health System Cybersecurity Governance

Job Information
Job Title: Director, Health System Cybersecurity Governance 
Job Requisition ID: 65568
Ministry: Health
Location: Edmonton
Full or Part-Time: Full Time
Hours of Work: 36.25 hours per week
Permanent/Temporary: Permanent
Scope: Open Competition
Closing Date: December 27, 2024
Classification: Senior Manager Zone 2
Salary: ​$4,274.26 to $5,427.68 bi-weekly ($111,558 - $141,662/year)
 

The Government of Alberta is committed to a diverse and inclusive public service that reflects the population we serve to best meet the needs of Albertans. Consider joining a team where diversity, inclusion and innovation are valued and supported. For more information on diversity and inclusion, please visit: https://www.alberta.ca/diversity-inclusion-policy.aspx

The Ministry of Health leads work in the areas of Alberta health insurance and benefits, doctors, hospitals and facilities, and other healthcare supports and information. This includes key systems such as Alberta Netcare, the provincial Elecontric Health Record, and MyHealth Records, an online tool that allows Albertans to view their own electronic health records. For more information on the work Alberta Health does, visit this link: https://www.alberta.ca/health.aspx.

Role Responsibilities

Are you ready to lead Alberta Health’s charge in safeguarding sensitive health information? Reporting to the Executive Director of Data Access and Information Privacy, the Director, Health System Cybersecurity and Privacy Operations is at the forefront of ensuring the security and privacy of Alberta’s health data in a rapidly evolving digital landscape.

Key Responsibilities: 

Strategic Leadership: Lead the development of a security and privacy program aligned with business goals. Provide senior management with insights on emerging threats and ensure compliance with regulations.

Procedure Development: Maintain security and privacy procedures, including breach management and security assessments. Keep practices updated to address new threats and industry standards.

Service Delivery: Oversee privacy and security guidance aligned with the Health Information Act and departmental directives. Ensure services address privacy and security issues for Albertans.

Risk Management: Conduct risk assessments and manage incident response processes. Lead investigations into breaches and ensure actions are taken across assets.

Team Leadership: Lead and mentor a high-performing security and privacy operations team. Define goals and support professional development.

Compliance and Auditing: Ensure adherence to relevant legislation, including the Health Information Act. Oversee audits of Alberta Electronic Health Record and databases.

Stakeholder Communication: Communicate risks and initiatives effectively to stakeholders. Act as the primary contact for security/privacy inquiries and liaise with departments and the Office of the Information and Privacy Commissioner.

Apply today if this sounds like the perfect opportunity to make a meaningful impact in privacy and security within Alberta’s healthcare system!

Please click on this link to view the job description for this position.

APS Competencies

Competencies are behaviors that are essential to reach our goals in serving Albertans. We encourage you to have an in depth understanding of the competencies that are required for this opportunity and to be prepared to demonstrate them during the recruitment process.
 

This link will assist you with understanding competencies:
https://www.alberta.ca/system/files/custom_downloaded_images/psc-alberta-public-service-competency-model.pdf.
 

Our ideal candidate is someone who demonstrates the following competencies:
 

Drive for Results - Develop procedures and practices that foster collaboration and respect across all areas of the organization. Develop new and more efficient approaches to common problems.
 

Systems Thinking -  Develop long term strategies for Heath security and privacy. Understand and participate in engagement across the GOA.

Develop Networks -  Develop strong, trust-based relationships with stakeholders by establishing partnerships to educate and influence tailored guidance on compliance issues.
 

Agility – Technology changes quickly and constantly. Candidate must demonstrate agility in how they will be able to keep up with technical change from the perspective of cybersecurity and privacy.

Qualifications

University degree in Information Systems Security Management, Information Technology, Information Systems, Public Administration, or a related field supplemented by a minimum of seven (7) years in cybersecurity and or/privacy operations is required.
 

Equivalency: 
Related experience or education may be considered as an equivalency on a one for one basis.

• 1 year of education for 1 year of experience; or 
• 1 year of experience for 1 year of education

The following knowledge, skills and experiences are considered assets:

• Experience in developing and implementing cybersecurity strategies and managing privacy operations.
• Knowledge of access and privacy legislation, including general and health-specific access and privacy legislation, policy frameworks, and legal precedents in Alberta and other jurisdictions.
• Knowledge of information policy, privacy, and security requirements, and best practices within the health sector.
• Understanding of major health IM/IT systems and initiatives, including electronic health record information systems.
• Strong understanding of security and privacy principles, practices, and technologies.
• Experience with security and privacy frameworks and compliance standards.
• Excellent leadership, communication, and interpersonal skills.
• Proven ability to manage complex projects and multidisciplinary teams.
• Strong analytical and problem-solving skills with a proactive approach to risk management.
• Knowledge and/or experience with the health system.
• Completed certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), Information Access and Protection of Privacy (IAPP).

A cover letter outlining how your experience relates to the qualifications of this role is required.

Minimum recruitment standards outline the minimum education and experience required for appointment to a job classification. 
Refer to https://www.alberta.ca/alberta-public-service-minimum-recruitment-standards.

Notes

This competition will be used to staff one (1) full-time permanent position.
 

Hours of Work
7.25 hours daily/ 36.25 hours weekly, Monday to Friday

Location
ATB Place North, Edmonton, Alberta. This position requires working from the office with an option to qualify for a hybrid work arrangement (in accordance with GOA policy).

Other information: 

• This position maybe used to fill future vacancies across the Government of Alberta, at equal or lower classification and salary. 
• Top candidates will undergo security screening

In your resume, please include dates (including months and years) associated with all education and work experience. Also, please indicate whether your work experience is casual, part time or full time.

Any costs associated with obtaining the required documents/checks as noted or interview travel expenses, will be the responsibility of the candidate. Out-of-province applicants can obtain the required documents/checks from the province they currently reside in. 

Links and information on what the GoA has to offer to prospective employees.

• Working for the Alberta Public Service - https://www.alberta.ca/advantages-working-for-alberta-public-service.aspx
• Public Service Pension Plan (PSPP) - https://www.pspp.ca
• Management Employees Pension Plan (MEPP) - https://www.mepp.ca
• Alberta Public Service Benefit Information - https://www.alberta.ca/alberta-public-service-benefits
• Professional learning and development - https://www.alberta.ca/professional-development-support-directive
• Research Alberta Public Service Careers tool – https://researchapscareers.alberta.ca
• Positive workplace culture and work-life balance
• Opportunity to participate in flexible work arrangements such as working from home up to two days per week and modified work schedule agreement
• Leadership and mentorship programs

How To Apply
Applicants are advised to provide information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies.
 

Candidates are required to apply for a job online. Please visit https://www.alberta.ca/job-application-resources#before for more information. Please visit Recruitment Principles, for more information.
 

It is recommended applicants who have completed post-secondary studies from outside of Canada obtain an evaluation of their credentials from the International Qualifications Assessment Service (IQAS)(https://www.alberta.ca/international-qualifications-assessment.aspx) or from a recognized Canadian Credential Evaluator; please visit the Alliance of Credential Evaluation Services of Canada for more information (https://canalliance.org/en/default.html).

It is recommended that applicants include the assessment certificate from IQAS or any other educational assessment service as part of their application.

Closing Statement
This competition may be used to fill future vacancies, across the Government of Alberta, at the same or lower classification level.

We thank all applicants for their interest. All applications will be reviewed to determine which candidates' qualifications most closely match the advertised requirements. Only individuals selected for interviews will be contacted.

If you require any further information on this job posting or require an accommodation during the recruitment process, please contact Abhishek Sharma at Abhishek.Z.Sharma@gov.ab.ca.