Senior Information Security Analyst

WHO WE ARE
When it comes to health, we’re always looking for ways to push for better. It’s why we were founded in the first place. In 1957, our founder, pharmacist William Wilkinson, witnessed a mother sacrifice her health by forgoing her own medicine to pay for her sick daughter’s prescription. He knew there had to be a better way. So, he introduced North America’s first prepaid drug plan, and GreenShield was born as a not-for-profit with a mission to support better health for all Canadians.

We aren’t just a health and benefits company. We’re the only not-for-profit social enterprise that brings together coverage and care, all in one place.
We’re noble challengers, purposefully building a better way, and we need the best people to help us create a more holistic approach that takes care of the mind and body.

Our mission is to create better health for all Canadians, and we know that starts with our employees.

THE ROLE IN A NUTSHELL

• Manage enforcement of corporate, regulatory, and risk management policies. Assist in developing, maintaining, and publishing information security standards, procedures, and guidelines for enterprise and cloud platforms.
• Provide subject matter expertise on issues of Information Security, including technical guidance.
• Create and maintain logical security reporting for monitoring. Guide user security administrators responsible for application security.
• Design, implement, and maintain security measures to safeguard cloud environments in Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS).
• Lead security projects, manage security incidents, and implement upgrades or repairs of security devices/software.
• Plan and implement security controls over applications, including cloud platforms.
• Provision access to applications via enterprise IAM, enforcing ITSM practices.
• Analyze SOC alerts and manage relationship with SOCaaS Provider.
• Assess application security needs based on data sensitivity, ensuring systems are used per management approval.
• Support and guide the administration of security tools monitoring information security.
• Assist in disaster recovery activities, providing direction and consulting.
• Research, evaluate, and recommend new security software or devices.
• Participate in audits for organizational compliance, gather artifacts, and address deficiencies.
• Train staff on security controls and software, develop security awareness programs.
• Mentor and support security team members.

WHO WE'RE LOOKING FOR

• Bachelor’s degree in Computer Science, Engineering, or related field.
• Minimum 8 years in IT Security, with exposure to Protected B data and ability to acquire Reliability Status.
• Strong knowledge in UNIX, Windows, Linux, network security, firewalls, intrusion detection, IAM, SOC, vulnerability testing, OS hardening, compliance, and data classification. Familiar with SIEM and EDR/XDR platforms.
• Certifications such as CCSK, CCSP, CISSP, CSSLP, SSCP, CEH, Google, Microsoft Azure, M365 Security are highly desirable. Google Cloud Security Analyst certification is mandatory.
• Proven strategic thinking, relationship management, and experience with new technology deployment.
• Ability to develop solutions for complex problems, build process documentation, and lead security initiatives.
• Deep understanding of security tools including firewalls, IDS, IPS, SIEM, IAM, PAM, and management of these tools.
• Experience with Saviynt, BeyondTrust, Azure Sentinel, Microsoft Defender, Google Security Command Center is an asset.
• Experience with security solutions for transactional websites and penetration testing is an asset.
• Self-motivated, analytical, with strong communication and teamwork skills.

THE CULTURE

We believe a career should be meaningful. Our culture values every voice and aims to create better health for all. We challenge the status quo and empower our employees to be their best. We foster an inclusive environment that values diverse backgrounds and perspectives, enhancing our ability to support communities. A career at GreenShield is about making a difference together.

A FEW MORE DETAILS

English proficiency is required for effective communication. We support diversity, equity, and inclusion, and encourage applications from all candidates. We will accommodate needs under human rights legislation and request for accommodations can be made via requestforaccommodation@greenshield.ca. Personal information will be used solely for assessing suitability and will be kept confidential, possibly stored outside Canada for statistical purposes.