Technical Specialist, Cybersecurity

UHN is Canada’s #1 hospital and the world’s #1 publicly funded hospital. With 10 sites and more than 44,000 TeamUHN members, UHN consists of Toronto General Hospital, Toronto Western Hospital, Princess Margaret Cancer Centre, Toronto Rehabilitation Institute, The Michener Institute of Education and West Park Healthcare Centre. As Canada's top research hospital, the scope of biomedical research and complexity of cases at UHN have made it a national and international source for discovery, education and patient care. UHN has the largest hospital-based research program in Canada, with major research in neurosciences, cardiology, transplantation, oncology, surgical innovation, infectious diseases, genomic medicine and rehabilitation medicine. UHN is a research hospital affiliated with the University of Toronto.

UHN’s vision is to build A Healthier World and it’s only because of the talented and dedicated people who work here that we are continually bringing that vision closer to reality.

Union: Non-Union
Number of Vacancies:1
Site: Princess Margaret Hospital
Department: Digital Security
Reports to: Director of Digital Security
Work Model: Remote (with possibility of occasional on-site requirement in case of incident)
Hours: 37.5 hours per week
Status: Permanent Full-Time
Closing Date: May 15, 2025

Position Summary

As a Technical Specialist in UHN Cybersecurity, you will play a pivotal role in safeguarding our organization's digital assets and infrastructure against cyber threats. Working under the direction of Director of Digital Security, you will be responsible for managing various aspects of cybersecurity, including Privilege Access Management, enhancing security alerts, implementing, and refining SOAR systems, overseeing vulnerability management, and elevating the overall cybersecurity posture of the organization.

Duties

• Privilege Access Management (PAM):
  • Manage and administer the Privilege Access Management solution.
  • Define and enforce privileged access policies, ensuring adherence to security best practices.
  • Implement controls to mitigate risks associated with privileged accounts and access.
  • Conduct regular audits and reviews of privileged access usage.
• Enhancement of Security Alerts:
  • Collaborate with the security operations team to analyze and enhance security alerts.
  • Develop and maintain a robust SIEM system to facilitate continuous monitoring by a dedicated team of cybersecurity analysts.
  • Develop and implement strategies to improve the detection and response capabilities of security alerting systems.
  • Investigate and respond to security incidents in a timely manner.
• Implementation and Refinement of SOAR:
  • Lead the implementation and integration of Security Orchestration, Automation, and Response (SOAR) solutions.
  • Customize and optimize SOAR workflows to automate repetitive tasks and streamline incident response processes.
  • Continuously refine SOAR capabilities based on emerging threats and organizational requirements.
• Vulnerability Management:
  • Oversee the vulnerability management program, including vulnerability scanning, assessment, and remediation.
  • Prioritize vulnerabilities based on risk and potential impact to the organization.
  • Coordinate with system owners and IT teams to ensure timely patching and mitigation of vulnerabilities.
  • Monitor and report on the effectiveness of vulnerability management efforts.
• Email Security Management:
  • Administer and manage Proofpoint email security solutions to protect against phishing, malware, and other email-borne threats.
  • Develop and enforce email security policies and procedures.
  • Monitor and analyze email security incidents and respond to threats promptly.
  • Provide ongoing tuning and optimization of Proofpoint systems to enhance email security posture.
• Improvement of Overall Cybersecurity:
  • Work collaboratively with cross-functional teams to identify and address security gaps and weaknesses.
  • Provide expertise and guidance on security best practices, standards, and compliance requirements.
  • Participate in cybersecurity awareness and training initiatives for employees.
  • Stay abreast of industry trends, emerging threats, and new technologies to continuously improve cybersecurity capabilities.

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent.
• Extensive experience in cybersecurity, with a focus on privilege access management, security alerting, SOAR, and vulnerability management.
• In-depth knowledge of BeyondTrust or similar Privilege Access Management solutions.
• In-depth knowledge of Splunk or similar SIEM solutions.
• Strong understanding of security principles, protocols, and technologies.
• Proficiency in scripting and automation for cybersecurity tasks (e.g., Python, PowerShell).
• Excellent analytical and problem-solving skills, with attention to detail.
• Effective communication skills, with the ability to convey technical concepts to non-technical stakeholders.
• Proven ability to work independently and collaboratively in a fast-paced environment.

In addition to working alongside some of the most talented and inspiring healthcare professionals in the world, UHN offers a wide range of benefits, programs and perks. It is the comprehensiveness of these offerings that makes it a differentiating factor, allowing you to find value where it matters most to you, now and throughout your career at UHN.

• Competitive offer packages
• Government organization and a member of the Healthcare of Ontario Pension Plan (HOOPP https://hoopp.com/ )
• Close access to Transit and UHN shuttle service
• A flexible work environment
• Opportunities for development and promotions within a large organization
• Additional perks (multiple corporate discounts including: travel, restaurants, parking, phone plans, auto insurance discounts, on-site gyms, etc.)

Current UHN employees must have successfully completed their probationary period, have a good employee record along with satisfactory attendance in accordance with UHN's attendance management program, to be eligible for consideration.

All applications must be submitted before the posting close date.

UHN uses email to communicate with selected candidates. Please ensure you check your email regularly.

Please be advised that a Criminal Record Check may be required of the successful candidate. Should it be determined that any information provided by a candidate be misleading, inaccurate or incorrect, UHN reserves the right to discontinue with the consideration of their application.

UHN is an equal opportunity employer committed to an inclusive recruitment process and workplace. Requests for accommodation can be made at any stage of the recruitment process. Applicants need to make their requirements known.

We thank all applicants for their interest, however, only those selected for further consideration will be contacted.