GENERAL SUMMARY:

The position reports directly to the Deputy Information Security Officer. This position will work in a collaborative effort within the Information Privacy and Security Office and the Community Care Services (CCS) business unit and/or assigned Joint Venture(s) to ensure security programs and technical controls follow policies, applicable laws, and regulations. This position is responsible for aligning the strategy/services provided by CCS with IPSO policies, procedures, processes, and services to ensure compliance and protection of patient and organizational systems and data. An ability to communicate effectively through the leadership ranks and executive presence with influencer leadership are essential. This liaison role is critical for aligning cybersecurity with business unit priorities. The Sr. Cybersecurity Liaison is the primary point of contact between the Information Privacy and Security Office (IPSO) and the Community Care Services (CCS) assigned business unit. In addition, Joint Venture(s) (JV) relationship management may be assigned as needed.

Key success criteria for this role include:

• Raise the cybersecurity program's profile within the organization.
• Increase delivery of cybersecurity services internally.
• Connect with assigned unit, learn their needs, and offer them cybersecurity and operational support; and
• Organize and execute cybersecurity service delivery.

PRINCIPLE DUTIES AND RESPONSIBILITIES:

• Build relationships with business unit leaders to align business goals with cybersecurity priorities and reframe risk discussions in business terms.
• Liaise between cybersecurity and assigned business unit(s) to ensure adherence to appropriate cybersecurity policies, standards, and frameworks.
• Evaluate business unit initiatives and provide cybersecurity recommendations based on guidance and policy relating to each program or system.
• Consult with business unit to assess security needs, identify gaps, and develop risk mitigation strategies.
• Educate stakeholders on cybersecurity-related matters to increase awareness and improve culture.
• Provide knowledge and guidance on IPSO service catalog processes to ensure compliance and successful implementation of business, health products, and services.
• Coordinate with IPSO and IT groups to implement security processes and controls that enable business objectives.
• Advocate for cybersecurity interests and represent business unit security concerns.
• Identify improvement opportunities (proactive and reactive)
• Participate in cybersecurity and business-related councils or working groups, as necessary.
• Respond to business unit queries in support of the business initiatives and projects.
• Document and represent business unit requests for exceptions to security policies/standards.