The Chief Information Security Officer (CISO) ensures compliance between institutional strategies and information security by leading, directing, and managing information security resources, expertise, guidance, and the systems necessary to execute strategic and operational plans across the University’s information systems. The CISO is accountable for the University’s enterprise information security posture, ensuring alignment with institutional risk tolerance, regulatory requirements, and strategic priorities.
The CISO interacts and liaises with all levels of the University including, but not limited to, the Board of Governors, Senior Leadership team, Administrators, bargaining unit members, external audit and compliance bodies, and law enforcement agencies as required. The CISO is responsible for leading the development, enforcement, and maintenance of policies, procedures, measures and mechanisms to protect the confidentiality, integrity and availability of the University’s information systems and data. The role operates within a decentralized academic environment, requiring collaboration across faculties, administrative units, and distributed IT and research systems.
The CISO develops metrics for ongoing performance measurement and reporting to Senior Leadership and the Board of Governors and coordinates technical activities to implement and manage the information security infrastructure. The CISO provides leaderships for the implementation of information security practices across all divisions and operations.
- Bachelor’s degree computing science, information systems, or business-related discipline (Master’s preferred). Relevant professional certifications (e.g., CISSP, CISM) are considered an asset.
- Minimum of seven years of IT experience, including five years in information security and at least two years in a management role.
- Experience in complex, multi-stakeholder environments (e.g., higher education, public sector) is preferred. Strong business, negotiating, organizational, leadership, managerial, and strategic planning skills.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel and other internal and external University stakeholders.
- Ability to work collaboratively with the University’s Risk Management department to assess the risks of specific cyber security practices and technologies.
- Ability to understand and assess the impact of current and changing legislation to support and promote regulatory compliance.
- Ability to strategically direct current cybersecurity capabilities to ensure the organization develops and mobilizes the required digital skills, technologies, and practices required to align with industry best practice.
- Demonstrated experience working with security tools, technologies, mechanisms and policies to support and protect business information infrastructure in a large organization with the strong knowledge of operating system internals, network protocols, and foundational cryptographic principles.
- Knowledge and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Experience developing and maintaining policies, procedures, standards and guidelines using a consultative and inclusive approach.
- Experience with common information security management frameworks.
- Experience in application technology security testing (white box, black box and code review) and in system technology security testing (vulnerability scanning and penetration testing).
- Familiarity with applicable legal and regulatory requirements for post-secondary education in the Province of British Columbia.
- Demonstrated knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls. Excellent understanding of and the ability to stay current with information security concepts, protocols, industry best practices and strategies.
- Strong leadership and influencing skills, with experience collaborating with the risk management team and diverse business units. Strong project management skills and experience in creating and managing complex project plans, including budgeting and resource allocation.
- Proven ability to communicate security technical concepts to nontechnical people to enhance understanding and drive to decisions that lead to positive outcomes.
- Goal-oriented individual who thrives on achieving outcomes through consultative and collaborative methods.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment of strategies.
- Intercampus travel is required. Possession of a valid driver’s license and access to a vehicle is preferred.
UFV LEADERSHIP PROFICIENCIES
- Create and implement plans - shape, align and execute the strategic priorities to meet student and community needs
- Lead change – Remain flexible, adjusting to changing circumstances and lead positive change by balancing innovation and calculated risk taking
- Cultivate collaborative relationships – Build effective working relationships internally and externally and collaborate to achieve mutually beneficial goals
- Inspire and develop talent - Invest in developing yourself, staff and faculty, effective teams, and our culture of excellence
- Make effective decisions - Make sound and timely decisions that benefit UFV in both straightforward and ambiguous circumstance
- Infuse Indigenization, Equity, Diversity, and Inclusion – Lead by example, valuing differing perspectives and backgrounds and promote equity, inclusion and respect in a diverse environment
Please submit your resume and cover letter by the application deadline.
The University of the Fraser Valley is located on the traditional territory of the Halq'eméylem-speaking peoples. We express our gratitude and respect for the honour of living and working in Stó:lo Tém:éxw (Stó:lo Land; Stó:lo World). In all that we do, UFV strives to support and honour the Stó:lo peoples goals of self-determination and well-being on these lands. A commitment to Indigenization and Reconciliation is core to our institutional Vision and Integrated Strategic Plan: IYAQAWTXW — which means House of Transformation. This commitment includes the goal of centering Indigenous ways of knowing throughout our organization, recognizing our responsibilities to community, and a multi-year plan to increase the number of Indigenous faculty, staff, and administrators working at UFV.
UFV has campus locations in Abbotsford, Chilliwack, Mission, and Hope in the beautiful British Columbia, and in Chandigarh, India. Recognized as one of BC's top employers, UFV offers a combination of career and lifestyle benefits. Join a team of 1,400 passionate professionals who value integrity, inclusivity and excellence. At UFV, you will serve a vibrant community and shape the future of 15,000 students.
Indigenization, equity, and diversity are essential to our work as a university. A diverse community fosters the inclusion of voices that have been historically underrepresented and marginalized. At UFV, we are committed to recruiting a diverse workforce that represents the community we proudly serve. We encourage applications from Indigenous peoples, members of groups that experience discrimination due to race, colour, place of origin, ancestry, and/or religion, persons who identify as women and 2SLGBTQ+, and persons with disabilities. We invite applicants to complete a confidential self-identification survey as part of the application process. All questions are voluntary, with an option to decline to answer. Information will be used to support efforts to broaden the diversity of the recruitment process, and results are not shared with the selection committee. Inquiries about the survey may be directed to [email protected]. Learn more about our commitment to diversity and inclusion.
All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority. In an effort to be both environmentally and fiscally responsible, UFV will contact only candidates receiving an interview. We thank all applicants for considering UFV for employment. Shortlisted applicants may be required to undergo a criminal record check and/ or a verification of their education credentials.
UFV is committed to the principle of equity in employment.