Senior Cybersecurity Analyst, HIS

Company Description

One of Canada's Best Diversity Employers and Greater Toronto's Top Employers for many consecutive years, William Osler Health System (Osler) provides a safe and supportive health care network to grow your career. Osler is nationally recognized for its commitment to patient safety and is Accredited with Exemplary Standing, the highest rating a Canadian hospital can receive. As a major Ontario hospital system, and home to some of the biggest specialty and emergency departments in the country, Osler serves the 1.3 million residents of Brampton, Etobicoke and surrounding communities. We are proud to offer you incredible exposure to best-in-class health care delivery and challenging hands-on opportunities to stay at the top of your game.

A hospital system built for and by the community, we continue to expand our services to meet the needs of a growing population, creating opportunities for increased hands-on skills development, cross-department training and promotional opportunities. Guided by our accomplished senior leadership team, together we are driving our vision of patient-inspired health care without boundaries.

At Osler, we invest in careers that go beyond where health care professionals like you can achieve their goals and find deep personal and professional fulfillment. Join our team today!

Job Description

William Osler Health System is driven by a strategic vision to go beyond for our people and communities. As part of this commitment, we are embarking on an exciting digital transformation to implement a new, modernized Hospital Information System (HIS). Our dedicated HIS Team will collaborate closely with our trusted HIS Vendor (Epic) and internal subject matter experts to develop a fully functional system that will empower us to deliver exceptional care and services.

The Senior Cybersecurity Analyst is responsible for activities related to the development, implementation and operation of all cybersecurity activities related to the health information system (HIS). This role is part of the HIS project structure with a key responsibility to design, deliver and sustain our systems to address both clinical and non-clinical needs, ensuring the HIS is utilized effectively and efficiently in patient care.

Accountabilities:

• Participate in the Cybersecurity related design, analysis, build, testing and maintenance tasks associated with the Epic Systems hardware and infrastructure design
• Create and maintain documentation to build a repository of key configuration decisions and associated tasks
• Respond to security incident escalations and work with the cybersecurity manager, security analysts and broader Information Services (IS) team to maintain an effective incident management process for responding to and reporting of security and incidents
• Pro-actively review and strengthen Osler's security posture by identifying and mitigating security risks and managing information technology (IT) audit activities
• Provide security requirements and identify security risk throughout the IS project life cycle
• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.); interpret the implications of that activity and devise plans for appropriate resolution
• Under the direction of the cybersecurity manager, supports the planning and design of enterprise security architecture
• Maintain up-to-date detailed knowledge of the IS security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
• Ensuring the continuous delivery of day-to-day information security and privacy operations
• Work extended hours (days, evenings, nights, weekends) as required

Qualifications

• Undergraduate degree in at least one of the following: IT, computer science, business administration
• Certifications CISSP (preferred), CISA or CISM
• Seven or more years of networking and general IT system knowledge, with at least three years experience implementing and monitoring cybersecurity in a large multi-site organization
• Familiarity with ISO 27000 standards
• Familiarity with Personal Health Information Protection Act and Freedom of Information and Protection Act
• Direct working experience performing IT security and risk assessments
• Experience maturing cybersecurity posture using governance frameworks such as NIST cybersecurity framework
• Experience in leading projects or people
• Intermediate experience with HIS
• Intermediate experience in IT infrastructure
• Intermediate knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, web filtering and other industry-standard techniques and practices
• Experience in identity and access management and privileged access management
• Experience working with Microsoft cloud security tools
• Experience using SIEMs, including tuning and leveraging for threat hunting, troubleshooting and incident response
• Working technical knowledge of vulnerability scanners
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Strong understanding of Windows Operating System and Active Directory
• Strong understanding of container security
• Must have the ability to communicate effectively with internal/external customers, vendors, management etc. in both formal and informal situations
• Ability to work independently and in collaboration with a team to meet HIS project milestones and ensure successful project delivery
• Ability and willingness to support project success in a manner that goes beyond completion of assigned tasks
• Ability to persevere in a high intensity project to overcome obstacles and difficult situations within a time sensitive implementation

Additional Information

Hours: Currently Days (subject to change in accordance with operational requirements)

Salary Range: $96,681.00 - $120,841.50

Application deadline: January 31, 2025

#LI-HT1

#TFT

#LI-Hybrid

Osler values inclusivity and diversity in the workplace. We welcome and encourage applicants from diverse backgrounds. We are committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act. If you require an accommodation at any stage of the recruitment process, please notify Human Resources at human.resources@williamoslerhs.ca.

While we thank all applicants, only those selected for an interview will be contacted. Any information obtained during the course of recruitment will be used for employment recruitment purposes only, and not for any other purpose.