Director Security and Enterprise Architecture
NL Health Services - 1,003 Jobs
St. John's, NL
Job Details:
Location: 70 O'Leary Avenue
Director Security and Enterprise Architecture
Digital Health - SECURITY & ENTERPRISE ARCHITECTURE
Permanent Full-time
Hours: 70 (8 hours; Days, On-Call)
Salary: HL-29 ($96,046-$124,860) Annual
Competition Number: VAC0019189
Posted Date: 2025-12-12
Closing Date: 2025-12-26
About the Role:
The Director, Security & Architecture provides strategic leadership, direction, and oversight for the cybersecurity and enterprise architecture functions across NL Health Services. This position plays a critical role in safeguarding the confidentiality, integrity, and availability of information and technology systems that support healthcare delivery across the province.
Working within a complex, multi-site, province-wide organization, the Director is responsible for developing, implementing, and governing enterprise strategies for cybersecurity, security operations, cloud and infrastructure security, identity management, and architecture standards. The role ensures alignment with provincial legislation, corporate priorities, and industry best practices, while fostering a culture of security awareness, risk reduction, and operational excellence.
The Director works closely with clinical, operational, and technology leaders to ensure digital health systems are secure, resilient, and capable of evolving to support provincial transformation and modernization initiatives.
You will be responsible for, but not limited to, the following:
- Develops, implements, and maintains the enterprise cybersecurity and security architecture strategy for NL Health Services.
- Provides leadership in developing long-term architecture roadmaps, standards, and frameworks.
- Establishes governance practices to ensure compliance with PHIA, ATIPPA, PIPEDA, and relevant provincial and national regulations.
- Advises executive leadership on emerging cybersecurity threats, risks, and enterprise
architecture considerations. - Oversees the design, implementation, and continuous improvement of cybersecurity policies, standards, and programs.
- Leads the monitoring, assessment, and mitigation of information security risks across the organization.
- Ensures robust identity and access management (IAM/IDAM) practices and technologies are in place.
- Supervises incident response and ensures readiness to manage complex cyber events affecting healthcare operations.
- Leads the development of enterprise architecture principles covering application, data, technology, infrastructure, and security domains.
- Guides investment decisions, solution design, and technology modernization initiatives.
- Ensures architecture alignment with provincial digital health strategy and organizational priorities.
- Oversees architecture reviews, assessments, and approval processes for major technology projects.
- Manages teams responsible for security engineering, security operations, identity management, and enterprise architecture.
- Develops and manages budgets, staffing plans, and resource allocations.
- Oversees vendor relationships, contract negotiations, service agreements, and external partnerships.
- Ensures effective monitoring, detection, and response capabilities for cybersecurity operations.
- Works collaboratively with clinical programs, operations, technology partners, and external agencies.
- Leads cross-functional initiatives related to cybersecurity, digital transformation, and
architectural alignment. - Provides clear communication and guidance to stakeholders at all levels of the organization.
- Travel throughout the province may be necessary.
- Availability for after-hours response and escalations.
About You:
Your education and experience include:
- Bachelor?s Degree in Computer Science, Information Technology, Engineering, or a related field.
- Master?s Degree in Information Security, IT Management, Business Administration (MBA), or a related discipline is an asset.
You have the following skills and abilities:
- One or more of the following certifications is required or preferred: CISSP, CISM, CISA,
CCSP, TOGAF, GIAC (e.g., GSEC, GCIH, GCCC). - Additional certifications such as ITIL Foundation or COBIT are considered assets.
- 7?10 years of progressive experience in information security, cybersecurity, or enterprise architecture within a complex environment.
- Minimum 5 years of leadership/management experience, ideally in a healthcare or public sector setting.
- Demonstrated experience developing and implementing cybersecurity programs, enterprise architecture frameworks, cloud and hybrid security strategies, and identity and access management programs.
- Experience overseeing incident response, risk management, security operations, and
vendor/service management. - Strong understanding of PHIA (NL), ATIPPA (NL), PIPEDA, NIST, ISO 27001, and related
standards. - Advanced knowledge of cybersecurity principles, enterprise architecture, and emerging technologies.
- Strong leadership, communication, and strategic planning skills.
- Ability to collaborate effectively across multidisciplinary teams.
- Demonstrated ability to manage competing priorities in a dynamic healthcare environment.
Demonstrated equivalences maybe considered.
Share This Job:
