ShareFacebookXEmailLinkedIn
Chief Information Security Officer IT Services - Info Security
Abbotsford (King Road)
Application deadline:
August 25, 2026Job Number: J0726-0281
Status: Permanent
Open Positions: 1
Salary Schedule: Exempt Salary Schedule, Group 14
Hours/Week: 35
Salary: $114,071.00 - $174,909.00/Year
Compensation Details: Compensation beyond the mid-point requires approval by the Public Sector Employers' Council Secretariat (PSEC).
Position Description
Job SummaryThe Chief Information Security Officer (CISO) ensures compliance between institutional strategies and information security by leading, directing, and managing information security resources, expertise, guidance, and the systems necessary to execute strategic and operational plans across the University's information systems. The CISO is accountable for the University's enterprise information security posture, ensuring alignment with institutional risk tolerance, regulatory requirements, and strategic priorities.
The CISO interacts and liaises with all levels of the University including, but not limited to, the Board of Governors, Senior Leadership team, Administrators, bargaining unit members, external audit and compliance bodies, and law enforcement agencies as required. The CISO is responsible for leading the development, enforcement, and maintenance of policies, procedures, measures and mechanisms to protect the confidentiality, integrity and availability of the University's information systems and data. The role operates within a decentralized academic environment, requiring collaboration across faculties, administrative units, and distributed IT and research systems.
The CISO develops metrics for ongoing performance measurement and reporting to Senior Leadership and the Board of Governors and coordinates technical activities to implement and manage the information security infrastructure. The CISO provides leaderships for the implementation of information security practices across all divisions and operations.
Qualifications - Bachelor's degree computing science, information systems, or business-related discipline (Master's preferred). Relevant professional certifications (e.g., CISSP, CISM) are considered an asset.
- Minimum of seven years of IT experience, including five years in information security and at least two years in a management role.
- Experience in complex, multi-stakeholder environments (e.g., higher education, public sector) is preferred. Strong business, negotiating, organizational, leadership, managerial, and strategic planning skills.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel and other internal and external University stakeholders.
- Ability to work collaboratively with the University's Risk Management department to assess the risks of specific cyber security practices and technologies.
- Ability to understand and assess the impact of current and changing legislation to support and promote regulatory compliance.
- Ability to strategically direct current cybersecurity capabilities to ensure the organization develops and mobilizes the required digital skills, technologies, and practices required to align with industry best practice.
- Demonstrated experience working with security tools, technologies, mechanisms and policies to support and protect business information infrastructure in a large organization with the strong knowledge of operating system internals, network protocols, and foundational cryptographic principles.
- Knowledge and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Experience developing and maintaining policies, procedures, standards and guidelines using a consultative and inclusive approach.
- Experience with common information security management frameworks.
- Experience in application technology security testing (white box, black box and code review) and in system technology security testing (vulnerability scanning and penetration testing).
- Familiarity with applicable legal and regulatory requirements for post-secondary education in the Province of British Columbia.
- Demonstrated knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls. Excellent understanding of and the ability to stay current with information security concepts, protocols, industry best practices and strategies.
- Strong leadership and influencing skills, with experience collaborating with the risk management team and diverse business units. Strong project management skills and experience in creating and managing complex project plans, including budgeting and resource allocation.
- Proven ability to communicate security technical concepts to nontechnical people to enhance understanding and drive to decisions that lead to positive outcomes.
- Goal-oriented individual who thrives on achieving outcomes through consultative and collaborative methods.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment of strategies.
- Intercampus travel is required. Possession of a valid driver's license and access to a vehicle is preferred.
UFV LEADERSHIP PROFICIENCIES - Create and implement plans - shape, align and execute the strategic priorities to meet student and community needs
- Lead change - Remain flexible, adjusting to changing circumstances and lead positive change by balancing innovation and calculated risk taking
- Cultivate collaborative relationships - Build effective working relationships internally and externally and collaborate to achieve mutually beneficial goals
- Inspire and develop talent - Invest in developing yourself, staff and faculty, effective teams, and our culture of excellence
- Make effective decisions - Make sound and timely decisions that benefit UFV in both straightforward and ambiguous circumstance
- Infuse Indigenization, Equity, Diversity, and Inclusion - Lead by example, valuing differing perspectives and backgrounds and promote equity, inclusion and respect in a diverse environment
How to ApplyPlease submit your resume and cover letter by the application deadline.
Are you interested in this job?