Job Description

Security Analyst Permanent Full Time Job Band: 5 The Security Analyst will work with internal and external stakeholders to advance the maturity of the OntarioMD Security program, ensure that IT Security is considered in all aspects of Electronic Medical Record (EMR) solutions including connectivity to provincial Electronic Health Record (EHR) Solutions and Services, OntarioMD Products and Services, enhanced clinical tools, and the exchange of health information. Reporting to the Manager, IT Architecture, the Security Analyst will be responsible for:

• Working collaboratively with health system stakeholders including the Ministry of Health, Ontario Health, EMR vendors, health system delivery partners and clinicians to provide IT security expertise throughout the product or service development lifecycle, advancing the security maturity of Electronic Medical Record (EMR) solutions
• Analyzing proposed solution architectures for both new and current provincial EMR/EHR interoperability initiatives to provide best practice enhancements and recommendations
• Analyzing proposed solution artefacts in the design, development, delivery, and ongoing enhancement of new and current OntarioMD products and services, including application development and data warehousing, and provide best practice enhancements and recommendations
• Analyzing new and emerging threats and legislative changes to assess resulting impact to OntarioMD Product and Services, EMR Solutions, and external partners
• Reviewing third party security submissions, such as TRA and PIAs, for completeness and accuracy. Working with stakeholders to recommend and confirm remediations as necessary
• Acting as a subject matter expert in the support of internal OntarioMD support, development, and validation teams.
• Leveraging industry standard and recognized provincial security control frameworks to advance minimum privacy and security practices and specifications
• Leading and facilitating cross-stakeholder EMR technology workshops
• Developing and providing presentations and documentation to various internal and external audiences as required and report regularly on progress and status.
• Providing leadership in cyber security incident response if necessary

Requirements that are important to us:

• University degree in Computer Science or Engineering or equivalent experience
• Minimum five (5) years of experience in Information Technology (IT) disciplines, preferably in security
• Minimum three (3) years experience with IT Security principles, practices, technologies, and procedures
• Experience with health sector privacy and security principles, including PHIPA, preferred
• Industry recognized IT Security certification (e.g., CISSP, CISA, etc), in good standing
• Understanding of security control and risk assessment methodologies and frameworks such as: HTRA, NIST, ISO-27001/2, and MITRE
• Knowledge of various systems and security technologies including Operating systems, Networks, Secure Communications, Identity Management, and Cloud Solutions
• Experience collecting, analyzing, and reviewing security audits, events, and threat intelligence
• Experience with community based Primary Care EMR solutions and office technologies an asset
• Demonstrated experience building and maintaining productive working relationships with internal/external stakeholders in complex, multi-stakeholder health care environments
• Excellent written and oral presentation skills; able to present to internal and external executives

Benefits we think you'll like.....

• Fantastic opportunity to grow within the team and throughout the organization
• Professional development and continuous in-house learning opportunities
• Fun, friendly and dynamic work environment with a passion for digital health
• Competitive salary and bonus program
• Exceptional group benefits package paid by the organization

How to Apply: Interested candidates are invited to apply online through our careers page. Applications will be considered up until September 5, 2022 at 5:00 pm. For further information, visit our website at www.ontariomd.ca. We regret that only those selected for an interview will be contacted. OntarioMD is strongly committed to diversity within its community and welcomes applications from racialized persons/persons of colour, women, Indigenous People of North America, persons with disabilities, LGBTQ2S+ persons, and others who may contribute to the further diversification of ideas. In accordance with the AODA Act, accommodation will be provided throughout the recruitment process to applicants with disabilities. All candidates offered a position with OntarioMD from December 3, 2021, onward must be fully vaccinated and provide proof of their vaccination as a condition of employment. OntarioMD will comply with its Human Rights obligations and accommodate employees who are legally entitled to accommodation. Following the advice of provincial health authorities, to mitigate the risk of the potential spread of COVID-19 and support social distancing, all recruiting activities including interviews and new hire onboarding will be conducted remotely. While we are doing our best to ensure reasonable response times, please expect potential delays during the recruiting process due to the current situation. OntarioMD does not solicit personal information such as banking information or passport information over social media sites for employment purposes. g2afTzH8EG