Information Security Consultant

Toronto, ON - Ottawa, ON, Canada

Job Description


Who we areWe are an organization comprised of industry thought leaders who are passionate about health data and want to make a difference in the health care field. We are an independent, not-for-profit organization and together with our partners we provide essential information on Canada\'s health systems, enabling decisions that lead to healthier Canadians. As a valued member of the CIHI team, you and your work will have a pivotal role in the evolution of Canada\'s health care systems.CIHI is recognized as an exceptional place to work that embraces diversity, respect, integrity, collaboration and innovation. Learn about our and the work being done to create a more inclusive and welcoming organization by focusing on how we learn, govern and practise.At CIHI, we recognize what matters to our employees. Some of the benefits of working at CIHI include

  • HOOPP Pension Plan (Defined Benefits Pension)
  • Retirement Planning Program
  • Generous vacation days for permanent and long-term contracts
  • Work-life balance
  • Career Planning Program
  • Learning and Professional Development Program
  • Flexible benefits program from your first day on the job for permanent and long-term contracts
Why is this role important?Reporting to the Manager, Information Security, the Information Security Consultant ensures effective design, configuration, management, monitoring and protection of CIHI\'s security infrastructure (e.g. Cloud Environment, Firewalls, Security Information and Event Management solutions (SIEM)).The Information Security Consultant is responsible to proactively enforce CIHI\'s information security and management policies, procedures, and standards while maintaining compliance with applicable industry, regulatory, and contractual requirements and managing risk to the technical environment.This role ensures the security infrastructure meets or exceeds CIHI information security management requirements outlined below, while adapting and evolving with industry and regulatory changes.What you\'ll do1. Leads the planning, design, and implementation of CIHI\'s security environment.
2. Oversees the secure deployment of cloud services provided by AWS, Azure, and other vendors, including cloud-based applications, platforms, and infrastructure, incorporating comprehensive security controls and monitoring solutions.
3. Designs, configures, and manages security controls and policies in AWS and Microsoft Azure, ensuring robust protection for cloud-based infrastructure and applications.
4. Upgrades, configures and maintains current security systems and their corresponding software, including firewalls, IDS/IPS, SIEM, web gateways, VPN solution, cryptography systems, and endpoint security software.
5. Plans and leads IT security projects for deployment, integration, and configuration of new security solutions and/or enhancements to existing solutions in accordance with CIHI processes and industry standards and best practices.
6. Participates and responds to security incidents as per CIHI\'s security incident protocols and leads creation of incident playbooks and incident response tabletop exercises.
7. Monitors and assesses risk, resolves security incidents (breaches, vulnerabilities, malware) and provides recommendations for improvements to existing configuration/enhancements or new security solutions for cloud and on premises architecture to improve overall enterprise security.
8. Remains current on evolving security threats and proactively implement mitigation solutions.
9. Leads periodic vulnerability assessments, penetration testing and internal audits to ensure staff preparedness and infrastructure compliance with various regulatory requirements.
10. Provides consulting, advice, and support on CIHI\'s Security systems and architecture and industry best practices.
11. Defines evaluation benchmarks to appraise, test, and select new security software and hardware technologies.
12. Assists with the development, implementation, and maintenance of CIHI\'s IT security policies and procedures.
13. Leads the development of training material to facilitate information security awareness within the organization.
14. Liaises with members of the Privacy and Legal team and program areas as appropriate.
15. Provides guidance and instruction to junior team members.
16. Provides on-call support on a rotational basis.What you\'ll bring to the table
  • Graduate of a recognized university/college computer science program or equivalent.
  • Minimum of 5 - 7 years\' experience as a security administrator with at least 2 years as cloud security administrator.
  • AWS Certified Security Specialist or Palo Alto PCNSE certification or equivalent security certification.
  • Expertise in the design of networks, IP Addressing and IP protocols such as TCP/IP, DNS, DHCP, HTTP, TLS, SSH, 802.1X, and IPsec.
  • Proficient in designing and managing enterprise security solutions such as firewall HA clusters, intrusion prevention systems, SIEM solutions, Web Gateways, Web Application Firewalls, Cloud Security Posture Management solutions, multi-factor VPN authentication, and application sandboxing.
  • Experience in security for various cloud service models like IaaS, PaaS, SaaS, for cloud providers like AWS and Microsoft Azure, including the implementation of security best practices and compliance.
  • Proven ability to design, configure and manage security controls and policies in AWS and MS Azure.
  • Experience in creating alerts, reports, and dashboards using SIEM solutions.
  • Demonstrated knowledge of forensic tools (Wireshark), techniques, and methodology.
  • Expert understanding of security in the following OS platforms and technologies: MS Windows, Linux, virtualization, containerization, mobile devices, and cloud services.
  • Proficient understanding of tiered Web applications and it\'s working in a Windows/Linux environment using Apache/IIS web servers and MS SQL/Oracle/MySQL databases.
  • Knowledge of NIST Cybersecurity framework and ISO 27001:2022
  • Ability to conduct research into security issues and products, as required.
  • Strong interpersonal and both oral and written communication skills.
  • Excellent organizational skills and attention to detail.
  • Ability to effectively prioritize and execute tasks with minimal supervision.
  • Experience working in a team-oriented, collaborative environment.
  • Lifting of moderately heavy objects, such as servers and network appliances.
  • Flexibility to work outside standard hours to maintain systems and participate in an on-call rotation schedule.
  • Fluency in English is required, bilingualism in both official languages is an asset.
To find out more about this role and other exciting opportunities visit our website at www.cihi.ca and check out our \'Careers\' section.We thank all those who apply, however, only candidates selected for an interview will be contacted.At CIHI we are committed to fostering an inclusive, barrier-free and accessible environment. Part of this commitment includes arranging accommodations to ensure an equitable opportunity to participate in the recruitment and selection process. If you require an accommodation, we will work with you to meet your needs.Please note the CIHI Recruiting Team uses email to communicate with applicants. Please make sure your profile has an updated email address that is checked regularly, including the junk/spam mail folder, as we send time sensitive emails (i.e. testing and interview bookings).

Canadian Institute for Health Information

Beware of fraud agents! do not pay money to get a job

MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD2338561
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Toronto, ON - Ottawa, ON, Canada
  • Education
    Not mentioned