Associate Director, Cybersecurity Architecture and Development

Job Category
M&P - AAPS

Job Profile
AAPS Salaried - Information Systems and Technology, Level G

Job Title
Associate Director, Cybersecurity Architecture and Development

Department
OCIO | Chief Information Security Office

Compensation Range
$12,755.08 - $19,905.67 CAD Monthly

The Compensation Range is the span between the minimum and maximum base salary for a position. The midpoint of the range is approximately halfway between the minimum and the maximum and represents an employee that possesses full job knowledge, qualifications and experience for the position. In the normal course, employees will be hired, transferred or promoted between the minimum and midpoint of the salary range for a job.

Posting End Date
May 14, 2025

Note: Applications will be accepted until 11:59 PM on the Posting End Date.

Job End Date

This position is expected to be filled by promotion/reassignment and is included here to inform you of its vacancy at the University.

At UBC, we believe that attracting and sustaining a diverse workforce is key to the successful pursuit of excellence in research, innovation, and learning for all faculty, staff and students. Our commitment to employment equity helps achieve inclusion and fairness, brings rich diversity to UBC as a workplace, and creates the necessary conditions for a rewarding career. 

Job Summary

The Associate Director, Cybersecurity Architecture and Development (AD) provides strategic guidance and domain expertise to senior leaders for the development, implementation and support of integrated business solutions and long term plans. It oversees multiple domains and is responsible for the development of relationship and collaboration with UBC Privacy and Information Security Management (PrISM) and other organizations that are part of the broader UBC community and ecosystem. The domains of responsibility for the Associate Director, Cybersecurity and Development are Cybersecurity Architecture, Application Security Analysis,  Cybersecurity Application Development and the Cybersecurity Confidential Communications Platform.

The AD provides strategic guidance and leadership in architecting, managing, and sustaining UBC's suite of Cybersecurity applications. This role ensures alignment with UBC’s long-term strategic goals and objectives while overseeing the effective operation, enhancement, and integration of critical applications. The AD manages multiple teams responsible for the design, development, and day-to-day operations of these systems, ensuring seamless functionality and continuous improvement. The scope of the portfolio includes enterprise systems used across the institution, including applications, infrastructure, and components within the information security ecosystem.

Additionally, the AD acts as the liaison between multiple services provided under the CISO portfolio to ensure alignment of practices and people. This role enhances collaboration between different teams and seeks ways to increase throughput in a sustainable manner. By fostering a cohesive environment and promoting best practices, the AD aims to optimize resource utilization and drive efficient service delivery while researching and promoting industry best practices.

Organizational Status

Reporting to the Chief Information Security Officer (CISO), the AD leads the Cybersecurity Development, Cybersecurity Architecture, and Web Application Protection teams. The AD also supports numerous other initiatives relating to collaboration with the broader higher education sector in Canada.

The AD will use UBC’s strategic plan, the IT Strategic Framework, and the forthcoming Digital Strategy as a framework for developing service strategies and initiatives that align with the University’s strategic goals. The Associate Director must maintain both a macro and micro view of the University’s business goals, functions, and processes.

Work Performed

Specific Duties:

• Leadership and Direction: Provide day-to-day leadership and direction within the CISO portfolio, ensuring alignment with UBC’s and PrISM’s long-term strategic goals and supporting the overall commitments of the university.
• Portfolio Planning: Apply the Office of the CIO (OCIO) planning framework for UBC IT to ensure benefits from investments in new initiatives and successful implementation and ongoing management.
• Systems Development: Oversee the evaluation, installation, configuration, and deployment of new applications within the Program Delivery Portfolio, and/or enhancements to existing applications throughout the enterprise. Develop business case justifications and cost/benefit analysis for IT spending and initiatives.
• Departmental Leadership: Implement strategy and direction developed by the CISO, PrISM, and the Senior Leadership Team within UBC IT and OCIO as it relates to application management and sustainment. Develop a solutions design, development, and transition methodology to scale and operationalize new innovations and support the successful sustainment of new solutions.
• Team Management: Provide strong, effective leadership to the teams within the CISO portfolio. Lead, coach, and mentor the team to ensure they possess the key competencies and awareness of sound principles and practices required to deliver on objectives.
• Sustainment Leadership: Provide strategic direction and leadership for the sustainment of various Cybersecurity and enterprise systems, ensuring alignment with organizational goals and objectives. Manage the teams responsible for the day-to-day operations of these systems and ensure the systems are compliant with security and privacy standards.
• Vendor Management: Manage vendor relationships, negotiate contracts, and identify opportunities to reduce expenses and improve value.
• Financial Oversight: Develop and review budgets for enterprise systems and projects, ensuring they are understood and well- managed. Continuously seek opportunities to increase value and reduce costs. Instill fiscal awareness and responsibility in all management and staff.
• Liaison: Act as the main liaison between core teams within the CISO portfolio, Safety and Risk Services, and other UBC technical teams and various stakeholders. Facilitate communication and collaboration to ensure smooth operations and project delivery.
• IT and Business Partnership: Engage business stakeholders to prioritize incidents and change requests across systems. Unify product roadmaps, utilizing governance structures, to ensure alignment and avoid overlap. Ensure product owners have a shared understanding of critical business needs.
• Emergency Response and Incident Coordination: Lead emergency response and incident coordination efforts, including preparedness, stakeholder management, securing resources for speedy resolution, risk management, response, and communication. Support teams in conducting root cause analysis and drive continuous improvement efforts.
• Harmonizing Processes: Standardize and harmonize processes across cross-functional teams, including release planning, access controls, and end-to-end testing. Ensure processes are aligned with business needs and minimize disruptions.
• Role Clarity: Define clear roles and responsibilities for areas within the portfolio that have overlapping roles. Resolve roleclarity issues and confusion. Identify and leverage synergies between teams to maximize resource utilization.
• Technical Ownership: Identify and document technical owners for each application. Manage relationships with technical owners for collaboration and knowledge sharing and compliance activities.
• Decommissioning and Migration: Identify opportunities to decommission legacy applications and migrate to core applications to improve efficiency and reduce costs.

Core Duties:

• Leads and guides the development of function specific strategies and initiatives that are aligned with the department’s and the University’s strategic goals and long term plans.
• Provides technical expertise and oversees the expansion of innovative business solutions, programs and services.
• Creates and fosters strategic partnerships and influential relationships with senior leaders within OCIO and the broader IT community.
• Sources, negotiates, and allocates financial, physical, or human resources to implement and support major projects and programs.
• Develops and administers budgets for the implementation and support of integrated, cost-effective business solutions.
• Approves and monitors plans, performance targets and measures for reporting areas.
• Develops leadership strength in functional areas by coaching reporting leaders and staff in the development of critical competencies and by modeling valued leadership behaviors.
• Provides career planning advice to staff and creates development plans to help staff achieve their career goals including assigning work which leverages their skills and capabilities and provides them with opportunities for learning.
• Anticipates and analyzes trends in technology and assess the impact of emerging technologies on the business. • Maintains appropriate professional designations and up-to-date knowledge of current information technology techniques and tools.
• Performs other related duties as required.

Consequence of Error/Judgement

Cybersecurity is critical to protecting the University’s enterprise systems, data, and reputation. The Associate Director of Cybersecurity Architecture and Development plays a pivotal role in both designing robust cybersecurity architectures and developing effective solutions to safeguard sensitive information and support the University’s mission.

Failure to establish and maintain effective cybersecurity solutions could expose the University to significant risks, including data breaches, system outages, unauthorized access to sensitive information, and unrealized benefits from critical cybersecurity investments. Such failures could also result in increased recovery costs, inefficiencies that hinder University functions, and severe financial losses.

As a government organization, the University has a legal obligation to ensure the confidentiality, integrity, and availability of constituent data. For a leading research University, a cybersecurity failure could compromise research integrity, leading to the loss of funding, intellectual property, and critical external partnerships. Such outcomes would harm the University’s global reputation, erode public trust, and result in penalties or funding losses that would hinder the achievement of its strategic goals.

Supervision Received
Reports to the Director of Program Delivery takes corporate direction from the Chief Information Officer. Work is reviewed in terms of long- term multi-year objectives and resulting benefits realization.
Supervision Given
Manages staff and consultants directly and indirectly through multiple levels of sub managers.
Minimum Qualifications

Post-graduate degree. Minimum of eleven years of related experience including at least five years of managerial experience plus four years of specialized experience in the design and implementation of major computer systems, or the equivalent combination of education and experience.

• Willingness to respect diverse perspectives, including perspectives in conflict with one’s own
• Demonstrates a commitment to enhancing one’s own awareness, knowledge, and skills related to equity, diversity, and inclusion

Preferred Qualifications

• Demonstrated ability to provide senior level strategic leadership in a complex, multi-stakeholder environment.
• Strong analytical, organizational, and problem-solving skills.
• Excellent communication and interpersonal skills.
• Proven senior level experience in managing budgets and financial plans.
• Demonstrated ability to foster a collaborative and inclusive work environment.
• Commitment to continuous improvement and innovation.

Core Competencies:

Collaboration (Expert – E): Identifies and improves communication to bring conflict within the team into the open and facilitate resolution. Openly shares credit for team accomplishment. Monitors individual and team effectiveness and recommends improvement to facilitate collaboration. Considered a role model as a team player. Demonstrates high level of enthusiasm and commitment to team goals under difficult or adverse September 18, 2014 situations; encourages others to respond similarly. Strongly influences team strategy and processes.

Communication for Results (Expert – E): Converses with, writes strategic documents for, and creates/delivers presentations to internal business leaders as well as external groups. Leads discussions with senior leaders and external partners in ways that support strategic planning and decision-making. Seeks a consensus with business leaders. Debates opinions, tests understanding, and clarifies judgments. Identifies underlying differences and resolves conflict openly and empathetically. Explains the context of multiple, complex interrelated situations. Asks searching, probing questions, plays devil's advocate, and solicits authoritative perspectives and advice prior to approving plans and recommendations

Problem Solving (Advanced – A): Diagnoses problems using formal problem-solving tools and techniques from multiple angles and probes underlying issues to generate multiple potential solutions. Proactively anticipates and prevents problems. Devises, facilitates buy-in, makes recommendations, and guides implementation of corrective and/or preventive actions for complex issues that cross organizational boundaries and are unclear in nature. Identifies potential consequences and risk levels. Seeks support and buy-in for problem definition, methods of resolution, and accountability.

Role Based Competencies:

Leading Self (Expert – E): Draws upon self-awareness and self-control to identify and manage the emotions of others during adverse times. Demonstrates the capacity for self-reflection; looks back at setbacks and/or failures and identifies and applies key learnings for self and others. Solicits feedback from a professional and personal network of experts and strategic advisors. Adapts easily in a continually changing environment and positively influencers others to adapt.

Leading Others (Expert – E): Sponsors and reviews long-term learning needs, career paths, and succession plans for organizational leaders. Mentors and develops critical talent for the future. Ensures that all team members have equitable access to development opportunities.

Creates a diverse and inclusive environment which brings together different ideas, experiences, skills and knowledge. Demonstrates and promotes effective conflict resolution practices.

Leading the Organization (Expert – E): Understands the projected direction of technology in the marketplace and how changes will impact the University and its learning and research environments. Champions the use of strategic alliances that align with the organization’s and the University’s goals to extend organizational impact. Provides necessary support (e.g. systems, processes, resources) for implementation of the organization’s strategic direction and adjusts as necessary to maintain high quality service. Promotes a climate of continuous transformation that will keep the organization and the University agile and “best in class”.