Senior IT and Security Analyst

Join us in re-imagining health care with the largest social enterprise in Canada. SE Health is leading a multi-year enterprise transformation project that leverages human-centered design to be at the forefront of innovation within the healthcare sector. As a leader in home care, we are expanding and enhancing our capabilities to provide personalized experiences using new platforms and cloud-native architectures, ensuring privacy and security by design. Our transformation is grounded in guiding principles that prioritize team decisions, long-term planning, process standardization, data-driven insights, and balanced user adoption. If you are driven by the desire to have an impact, change the world of health care, and shape the future, we invite you to be part of our journey.

POSITION SUMMARY :

SE Health (Saint Elizabeth Health Care) is a social enterprise applying knowledge, vision, and drive to forever impact how people live and age at home, today and into the future. As a not-for-profit organization with Canadian roots and 110 years of expertise, we bring quality excellence and innovation to home care, seniors lifestyle, and family caregiving. Through our team of 9,000 Leaders of Impact, we deliver 20,000 care exchanges daily, totaling 50 million in the last decade alone. In 2019, we were honored to be recognized by Forbes as one of Canada's Best Employers.

The Senior IT & Security Analyst will be expected to:

1. Design and implement security automation and orchestration (SOAR) capabilities to enhance incident response and security monitoring across the organization, including Workday and Salesforce.
2. Define, enforce, and oversee the implementation of security requirements across various SaaS platforms, including Salesforce and Workday, ensuring robust identity and access management (IAM), data encryption, secure API integrations, and compliance with industry security frameworks such as ISO 27001, SOC 2, and NIST CSF.
3. Assist with security risk assessments for technology systems and third-party vendor solutions.
4. Continuously tune and monitor IT security controls, including Intrusion Detection/Prevention Systems, Malware Protection, File Integrity Monitoring, Endpoint Anti-Malware, Remote Access Systems, and Network Security (Wired & Wireless).
5. Maintain detailed knowledge and awareness of cybersecurity trends and the development of new vulnerabilities and threats.
6. Improve cybersecurity processes and documentation.
7. Participate in new systems planning, design, and implementation.
8. Design and implement security controls/processes for new systems, including Salesforce and Workday applications.
9. Participate in regular vulnerability assessments and patching activities.
10. Participate in Threat and Risk Assessments (TRAs).
11. Perform the role of SOC SME Threat Hunter.
12. Document IT & security controls/processes where applicable.
13. Manage Cyber Security Incidents Response.
14. Utilize Splunk, LogScale, and Crowdstrike NG SIEM to create custom alerts and dashboards for Salesforce and Workday.
15. Maintain workstation and server security hardening standards.
16. Assist in troubleshooting security-related network issues with the support team.
17. Be available for after-hours implementations, testing, and support.
18. Perform other tasks as required.

REQUIREMENTS :

1. Working knowledge of and experience applying common information security standards (ISO 27001, NIST 800-53a, NIST CSF, CIS Controls).
2. Experience with logging and monitoring systems, especially SIEM systems like Splunk or LogScale.
3. Broad knowledge of IT architecture and technologies, including IAM, cloud hosting, network, and database administration.
4. Advanced scripting skills (PowerShell, Python, etc.).
5. Experience with vulnerability management and remediation.
6. Experience with Jira applications.
7. Excellent communication skills, both verbal and written.
8. Ability to work in a demanding team environment, prioritize tasks, and communicate issues effectively.
9. Strong analytical skills and problem-solving abilities.
10. Post-secondary degree in an IT-related field or equivalent work experience.
11. 10+ years of relevant experience.
12. Desired certifications include CISSP, CEH, OSCP, CCSP, SSCP, or similar.
13. Experience in IT environment auditing, especially in cloud environments like Salesforce and Workday.
14. Experience deploying and administering apps within Splunk, data normalization, and data modeling within Splunk.
15. Experience creating and managing Splunk DB connects, including identities, database connections, inputs, outputs, lookups, and access controls.
16. Proficiency with regex and advanced search/reporting commands.
17. Understanding of system log files and data collection, logging, filtering, and tuning/baselining data.
18. Familiarity with Kali Linux, Metasploit, Burp, and similar tools.

ABOUT US :

At SE, we love what we do. Every day, we bring hope and happiness to clients, homes, and communities across Canada. We treat each person with dignity and love, build empathy, and do the right thing. We are inspired to make a difference. As a not-for-profit social enterprise, we share knowledge, provide the best care, and help clients achieve their health and wellbeing goals. We offer a supportive, inclusive workplace with competitive pay, benefits, pension, and work-life balance. Join us and be part of our team.

To ensure the health and safety of our patients, clients, employees, and the public, SE Health requires all employees to be fully vaccinated against COVID-19, meaning two doses plus 14 days since the last dose. If you need accommodations due to illness or disability, contact our Talent Acquisition team at [emailprotected].