Security Analyst - Cyber and Security Staff - Regular Full-time - 2024-10874

at  Sunnybrook Health Sciences Centre

Toronto, ON, Canada -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate26 Jan, 2025Not Specified27 Oct, 20245 year(s) or aboveItil,Cobit,Word Processing,It Governance,Clinical Support,Risk Assessment,Software,Operations Management,Isaca,Pmi,Cisa,Coso,Endpoint Protection,Hardware Development,Customer Service Skills,EmailNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Reporting to the Manager of Information Security, the Information Security Analyst is primarily responsible for vulnerability management. Additionally, the role involves conducting IT risk assessments and supporting various activities related to the overall information security program, ensuring alignment with our Information Security Program responsibilities.

QUALIFICATIONS/SKILLS:

  • University degree in Business Administration, Science, Engineering, or a related field, or equivalent experience.
  • Minimum of 5 years of experience in an Information Security role.
  • At least 5 years of experience administering various security products such as Palo Alto and Cisco ASA firewalls, VPN, CrowdStrike endpoint protection, Tenable network and web application scanners, and CIS benchmarks.
  • Strong understanding of risk management, vulnerability management, and incident management.
  • In-depth knowledge of IT security concepts and best practices.
  • Excellent written and verbal communication, interpersonal, and customer service skills.
  • Demonstrated knowledge of and familiarity with standards and frameworks such as ITIL, COBIT, ISO/IEC 31000 series, ISO/IEC 27000 series, PCI, COSO, and SOC 2.
  • Proven experience in conducting supervised security threat and risk assessments, ideally within a healthcare context, using an industry-recognized framework like the Harmonized Threat and Risk Assessment (HTRA) methodology.
  • Preferred certifications in IT governance or control standards, such as ISC2 (e.g., CISSP), SANS, ISACA (e.g., CISM, CISA), or PMI (e.g., PMBOK).
  • Strong analytical, problem-solving, and negotiation skills.
  • Proficiency in office productivity tools including email, word processing, database management, and spreadsheet applications.
  • Preferred knowledge of information technology project management, software or hardware development, and/or technology operations management.
  • Familiarity with the healthcare sector and experience in hospital administration or clinical support is highly desirable.

Responsibilities:

  • Coordinate and conduct network and web application vulnerability assessments.
  • Collaborate with other departments to identify security risks within their operational areas, recommend appropriate security control remediation, and support the development of security process improvements to mitigate risks.
  • Monitor, review, and respond to security events from the SOC, tracking them through to resolution. Escalate unresolved issues within the acceptable time frame.
  • Monitor emerging threats, assess risks, and recommend relevant controls and mitigation strategies.
  • Collaborate with teams to implement hardening of servers and network devices.
  • Provide support for security-related projects.
  • Review IT security controls and processes for new applications and services to ensure the implementation of proper technical security controls.
  • Work with external consultants for independent security audits, incident response, and risk remediation when necessary.
  • Review emerging security technologies and provide recommendations to enhance infrastructure security.
  • Conduct security threat and risk assessments in line with industry standards, identifying necessary administrative, procedural, and technical control remediation items.
  • Perform other related duties as assigned.


REQUIREMENT SUMMARY

Min:5.0Max:10.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Other

Graduate

Business administration science engineering or a related field or equivalent experience

Proficient

1

Toronto, ON, Canada