Senior Cybersecurity Analyst HIS
Senior Cybersecurity Analyst HIS
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
William Osler Health System is driven by a strategic vision to go beyond for our people and communities. As part of this commitment we are embarking on an exciting digital transformation to implement a new modernized Hospital Information System (HIS). Our dedicated HIS Team will collaborate closely with our trusted HIS Vendor (Epic) and internal subject matter experts to develop a fully functional system that will empower us to deliver exceptional care and services.
The Senior Cybersecurity Analyst is responsible for activities related to the development implementation and operation of all cybersecurity activities related to the health information system (HIS). This role is part of the HIS project structure with a key responsibility to design deliver and sustain our systems to address both clinical and nonclinical needs ensuring the HIS is utilized effectively and efficiently in patient care.
Accountabilities:
- Participate in the Cybersecurity related design analysis build testing and maintenance tasks associated with the Epic Systems hardware and infrastructure design
- Create and maintain documentation to build a repository of key configuration decisions and associated tasks
- Respond to security incident escalations and work with the cybersecurity manager security analysts and broader Information Services (IS) team to maintain an effective incident management process for responding to and reporting of security and incidents
- Proactively review and strengthen Oslers security posture by identifying and mitigating security risks and managing information technology (IT) audit activities
- Provide security requirements and identify security risk throughout the IS project life cycle
- Review logs and reports of all inplace devices whether they be under direct control (i.e. security tools) or not (i.e. workstations servers network devices etc.); interpret the implications of that activity and devise plans for appropriate resolution
- Under the direction of the cybersecurity manager supports the planning and design of enterprise security architecture
- Maintain uptodate detailed knowledge of the IS security industry including awareness of new or revised security solutions improved security processes and the development of new attacks and threat vectors
- Ensuring the continuous delivery of daytoday information security and privacy operations
- Work extended hours (days evenings nights weekends) as required
Qualifications :
- Undergraduate degree in at least one of the following: IT computer science business administration
- Certifications CISSP (preferred) CISA or CISM
- Seven or more years of networking and general IT system knowledge with at least three years experience implementing and monitoring cybersecurity in a large multisite organization
- Familiarity with ISO 27000 standards
- Familiarity with Personal Health Information Protection Act and Freedom of Information and Protection Act
- Direct working experience performing IT security and risk assessments
- Experience maturing cybersecurity posture using governance frameworks such as NIST cybersecurity framework
- Experience in leading projects or people
- Intermediate experience with health information systems (HIS)
- Intermediate experience in IT infrastructure
- Intermediate knowledge of firewalls intrusion detection systems antivirus software data encryption web filtering and other industrystandard techniques and practices
- Experience in identity and access management and privileged access management
- Experience working with Microsoft cloud security tools
- Experience using SIEMs including tuning and leveraging for threat hunting troubleshooting and incident response
- Working technical knowledge of vulnerability scanners
- Strong understanding of IP TCP/IP and other network administration protocols
- Strong understanding of Windows Operating System and Active Directory
- Strong understanding of container security
- Must have the ability to communicate effectively with internal/external customers vendors management etc. in both formal and informal situations
- Ability to work independently and in collaboration with a team to meet HIS project milestones and ensure successful project delivery
- Ability and willingness to support project success in a manner that goes beyond completion of assigned tasks
- Ability to persevere in a high intensity project to overcome obstacles and difficult situations within a time sensitive implementation
Additional Information :
Hours: Currently Days (subject to change in accordance with operational requirements)
Salary Range: $96681.00 $120841.50
Application deadline: January 31 2025
#LIHT1
#TFT
#LIHybrid
Osler values inclusivity and diversity in the workplace. We welcome and encourage applicants from diverse backgrounds. We are committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act. If you require an accommodation at any stage of the recruitment process please notify Human Resources at .
While we thank all applicants only those selected for an interview will be contacted. Any information obtained during the course of recruitment will be used for employment recruitment purposes only and not for any other purpose.
Remote Work :
No
Employment Type :
Contract
Employment Type
Contract
