Information Security Analyst

at  Lifemark Health Group

SUMMARY

Lifemark Health Group is seeking an enthusiastic Senior Information Security Analyst to join our dynamic Security Team in a permanent full-time position. You will investigate and resolve security breaches detected by those our security solutions, will be responsible for monitoring systems, both host and network-based, and help improve the implementation of those systems. You will monitor and review product consoles, analyzing events, and determining which events are actionable. You will need to interact with all business functions, bridging the gap between technical data and business objectives.

YOUR EXPERIENCE:

• Experience with network applications, firewall security, virtual private networking and SIEM
• Exposure to Microsoft Azure and Amazon Web Services
• Knowledge of network and host IDS/IPS
• Strong familiarity with data classification concepts and processes
• Solid understanding of data loss and data protection processes
• Experienced in a wide variety of technical solutions focused on data protection and cyber security
• Exposure with Microsoft Windows Server and Microsoft Azure

YOUR CORE COMPETENCIES & SKILLS:

• Excellent time management skills
• Strong written and verbal communication
• Work with different divisions understanding their IT Security needs
• Set clear expectations and define key performance indicators for self
• Work within a team environment providing insight when appropriate
• Superior organizational skills, attention to detail, and ability to prioritize and manage multiple tasks
• Ability to successfully interact with non-technical business contacts
• Ability to analyze and understand technical information
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Ability to conduct research into IT security issues and products as required

ADDITIONAL QUALIFICATIONS:

• Associate degree in a related technical field or equivalent experience
• Network+, Security+, GISP, MCSA, CISSP with demonstrated knowledge of security frameworks or standards such as CIS top 20, NIST and ISO 27001
• Understanding of remote management tools and techniques
• Extensive knowledge of Microsoft Windows operating systems and MS Office 2010/16/O365
• An understanding of network topologies and protocols (including firewalls, routers, switches, access points)
• Experience with Microsoft Active Directory and PowerShell Scripting
• Some knowledge of Microsoft windows server platform
• Use of SAST/DAST tools such as Fortify and Burp Suite
• Use of work item tracking software such as Azure DEVOPS, JIRA or Zendesk
• Familiarity working with SQL databases schema, queries, entries, creation

YOUR SOFT SKILLS:

• Communication – you have great verbal and written communication skills at a senior level
• Attitude – you learn quickly, take constructive feedback / advice, adapt and apply knowledge
• Problem solver – you have an analytical mind that can notice patterns and deviations and use logic and imagination to provide possible solutions
• Team player – you are ready, willing, and able to support the team at a senior level

WHO WE ARE

Lifemark Health Group is a market leader in customized healthcare solutions. As one of the largest and most comprehensive providers in Canada, we continue to grow exponentially. With that growth, is a vision to be the most innovative healthcare providers in community rehabilitation, workplace health and wellness and medical assessment services. Lifemark was acquired by Loblaw Companies on May 10, 2022, you can read more about the acquisition here.
Lifemark welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. Lifemark promotes equal employment opportunities for all job applicants, including those self-identifying as a member of the following groups: Indigenous peoples, Newcomers to Canada, and Visible minorities.
Please take some time to visit our corporate site at www.lifemarkhealthgroup.ca
Interested in joining our team at the corporate office?
Apply today! Visit www.lifemark.ca for more informatio

YOUR RESPONSIBILITIES:

The role requires an in-depth understanding of Information Security practices as well as a good understanding of Microsoft products (such as Windows, Outlook/Exchange/O365), vulnerability management, anti-virus, identity & access management, network operations (proxy servers, DNS, firewalls, WAN/LAN switches), databases and exposure to DLP (such as Symantec, McAfee or RSA).

• Involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures
• Conduct vulnerability audits and assessments and participate in investigations, design and execution of vulnerability assessments
• Monitor computer networks and systems for security issues, penetration tests, security audits and document any security issues or breaches, in line with the information security goals as established by Lifemark’s policies, procedures and guidelines and to actively work towards upholding those goals
• Respond to security alerts and work with the appropriate teams to investigate and triage.
• Maintain documentation of support and infrastructure
• Incident/problem management, escalation, and resolution activities
• Implement and test changes in accordance with Change Management procedures
• Commitment to keeping up to date on the latest technologies through training courses and industry events
• Daily management of Helpdesk tier II/III requests pertaining to information security.
• Maintain relevant baselines, operational configurations and review logs for the security configuration and operation of server, compute and network devices
• Participate in the planning and design of enterprise security architecture and the Business Continuity Plan and Disaster Recovery Plan
• Provide input towards RFP and security due diligence documents
• Participate in Client security audits, evidence collection and tracking remediation items
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
• Participate in the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically
• Some after hours and on call support when needed