Information Security Analyst

Appworkshub

Canada

On-site

CAD 90,000 - 120,000

Full time

12 days ago


Job summary

A leading organization in cybersecurity located in Canada is seeking a professional to analyze and enhance information security practices, particularly for the healthcare sector. The role involves leading staff training, investigating security breaches, and recommending improvements. Candidates should possess a Bachelor's degree in IT, 8 years of experience, and relevant certifications like CISSP or CISM. Strong analytical and communication skills are essential for success in this role.

Qualifications

  • 8 years of professional level information technology experience.
  • 3 years of experience in information security within the health care sector.
  • CISSP, CISM, or CEH certification preferred.

Responsibilities

  • Analyze information security practices against industry standards.
  • Lead training on information security and breach prevention.
  • Manage investigations of security breaches.

Skills

Knowledge of HIPAA and FISCAM security guidelines
Understanding of firewalls, proxies, SIEM
Proficiency with operating systems and security systems
Analytical and problem-solving skills
Clear communication skills
Experience creating training materials

Education

Bachelor's degree in Information Technology or related field
Master's degree (optional)

Tools

Microsoft Office Suite
SIEM tools
Job description
Description
  • Analyzes information security practices to ensure alignment with industry standards and guidelines.
  • Identifies, investigates, and resolves security breaches detected by security solutions.
  • Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures.
  • Leads and delivers staff training on information security and breach prevention.
What You Will Do:
  • Staying current on information security trends, news and security standards, especially those related to the healthcare industry
  • Participating in the development of security standards and best practices for the organization
  • Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber-attacks
  • Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement
  • Recommending security enhancements to management and senior ITS staff
  • Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options
  • Monitoring computer networks for security issues in order to reduce the risk of security incidents
  • Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team
  • Documenting security breaches and assessing the damage caused
  • Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date
  • Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities
  • Managing efforts with vendors on annual security audit, including pen testing
  • Assisting with developing and documenting preventive measures to ensure system security
  • Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices
  • Documenting computer security procedures and tests
  • Assisting with the development of policies, procedures, standards, and guidelines related to information security
  • Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches
  • Assisting staff with the installation and utilization of new security products and procedures
  • Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes
  • Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts
  • Reviewing any violations of security procedures and providing remedial training to staff, as needed
  • Performing other duties as assigned
You Will Be Successful If You Have:
  • In-depth knowledge of HIPAA and FISCAM security guidelines.
  • Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
  • Proficiency with operating systems, virtualization, and security systems.
  • High proficiency in Windows-based PC systems and Microsoft Office Suite.
  • Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT).
  • Familiarity with project management principles and customer service practices.
  • Awareness of emerging security technologies such as AI, IoT, and blockchain.
  • Strong analytical, problem-solving, and decision-making skills.
  • Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences.
  • Experience creating training materials and leading staff training.
  • Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs.
  • Leadership ability to facilitate meetings, resolve issues, and guide staff.
  • Strong collaboration skills and diplomacy across teams and levels of the organization.
  • Willingness to respond to after-hours information security incidents.
What You Will Bring:
  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
  • 8 years of professional level information technology experience
  • 3 years of experience performing information security functions in a health care environment (a Master's degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying
  • Experience working in the health care industry
  • Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent