Toronto, ON, CA Posted: 11/8/2022 9:54:48 AM
We currently have a
Regular Full-time opportunity for a
Security Analyst in the
Information Services department at our
Bayview campus.
Hours Of Work
Weekdays: Days; 8hrs; as per schedule
On Call Required; Statutory Holidays Required
Summary Of Duties
Reporting to the
Manager, Information Security, the
Cybersecurity Analyst is responsible for information technology risk assessments, vulnerability management, and general Cybersecurity program activities in support of our
Information Security Program accountabilities.
Summary Of Duties
- Undertake security threat and risk assessments in accordance with industry-recognized standards, including the identification of administrative, procedural and technical control remediation items as required;
- Perform Third Party Security Risk Assessments and create a security scorecard based on the Information provided;
- Collaborate with other business units to identify security risks within their respective operational areas, make recommendations for appropriate security control remediation items and support the development of security process control improvements within those portfolios suitable for risk mitigation;
- Understand alerts from Security Operations Center (SOC) and translate them into risks for business units;
- Monitor emerging threats, assess risks and recommend relevant controls and mitigation strategies;
- Collaborate closely with key technology stakeholders and provide input on key security capabilities;
- Provide input for applying security controls based on Industry standards such as NIST CSF, ISO 27001 or Cloud Security Alliance (CSA);
- Support project managers and teams in executing key security projects;
- Review IT security controls and processes for new services to ensure proper technical security controls are applied to systems and applications;
- Work with external consultants and third-party service providers as appropriate for independent security audits, incident response and risk remediation;
- Manage security awareness training program and report key findings and recommendations;
- Develop, manage and update, as required, information security policies and procedures;
Qualifications/Skills
- University Degree or College Designation in Business Administration, Information Technology, or Engineering or equivalent;
- Minimum 5 years of experience in the role of Cybersecurity or Security Operations;
- Clear understanding of key technology stacks such as Palo Alto, Cisco ASA and Juniper firewalls, VPN, Endpoint Detection & Response (EDR), Proofpoint, Microsoft, Qualys and Tenable network
- Strong understanding of risk & Vulnerability management.
- Demonstrated knowledge of and/or familiarity with standards and frameworks such as NIST CSF, ISO/IEC 27000 series, PCI or SOC 2 compliance framework.
- Demonstrated experience in undertaking supervised security threat and risk assessments, using an industry-recognized framework equivalent to the Harmonized Threat and Risk Assessment (HTRA) methodology;
- Certification in one or more IT governance or control standards such as ISC2 (e.g. CISSP), SANS, ISACA (e.g. CISM, CISA), PMI (e.g. PMBOK) or equivalent preferred;
- Strong communication, analytical, problem-solving and negotiation skills;
- Knowledge of information technology project management, technology (software or hardware) development and/or technology operations management preferred.
Qualified candidates are invited to submit their cover letter and resume (in one document) quoting
210946 to:
Human Resources
Sunnybrook Health Sciences Centre
To apply, please click "Apply for Position" at the bottom of this page.
Sunnybrook Health Sciences Centre is committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). If you require accommodation for disability during any stage of the recruitment process, please indicate this in your cover letter.
Sunnybrook Health Sciences Centre is strongly committed to inclusion and diversity within its community and welcomes all applicants including but not limited to: visible minorities, all religions and ethnicities, persons with disabilities, LGBTQ persons, and all others who may contribute to the further diversification of ideas.
Please be advised that in order to be eligible for employment at Sunnybrook, all new hires must have received the full series of a COVID-19 vaccine or combination of COVID-19 vaccines approved by Health Canada (e.g., two doses of a two-dose vaccine series, or one dose of a single-dose vaccine series);
AND have received the final dose of the COVID-19 vaccine at least 14 days ago. Medical exemptions or any other kind of requested exemption based upon the Hospital’s obligations pursuant to the Ontario Human Rights Code will be considered on a case-by-case basis.