Fraser Health continues to be recognized as one of BC's Top Employers, are you someone who is passionate about making a difference in the lives of others?
Fraser Health is responsible for the delivery of hospital and community-based health services to over 1.9 million people in 20 diverse communities from Burnaby to Fraser Canyon on the traditional territories of the Coast Salish and Nlaka’pamux Nations. Our team of 45,000 staff, medical staff and volunteers is dedicated to serving our patients, families and communities to deliver on our vision: Better health, best in health care.
We have an exciting Full Time
opportunity for a Security Analyst
to join our rapidly growing Information Security Team.
Effective October 26th, 2021, all new hires to Fraser Health will need to have full COVID 19 vaccination (have received a full series of a World Health Organization “WHO” approved vaccine against infection by SARS-COV-2, or a combination of approved WHO vaccines). Please note this applies to all postings, and individual medical exemptions must be approved by the Provincial Health Officer.
Build on your education &career experience.
We’re looking for experienced Security Analysts to support a number of projects that contribute to our ongoing cybersecurity maturity programs. In this role, you will:
- Be involved in a variety of projects such as security awareness and training, vulnerability management, SIEM, policies and standards development and implementation, ongoing risk assessments, and risk management activities
- Support our Security Architects in their work, and lean into all the mentoring and knowledge transfer they offer
- Work with the other Security Analysts on our team to ensure a strong focus on the seamless integration of network security into ongoing activities.
- Adapt to changing security, technology and business environments.
- Quickly comprehend the functions and capabilities of new technologies and present technical information to end users and other project stakeholders
- Commit to continual learning.
You’ll be part of a rapidly growing and diverse cybersecurity practice as you support an organisation dedicated to changing and improving the lives of your fellow citizens.
Take the next step and apply so we can continue the conversation with you.
Curious to learn what it’s like to work here? Like us on Facebook (@fraserhealthcareers), follow us on Twitter & Instagram (@FHCareer), or connect with us on LinkedIn (fraserhealthcareers) for first-hand employee insightsDetailed Overview
Supporting the Vision, Values, Purpose and Commitments of Fraser Health including service delivery that is centered around patients/clients/residents and families:
The Information Security Analyst provides initial intake, assessment, and prioritization of requests for Health Informatics and Information Technology (HIIT) Information Security Services and/or events requiring incident response prioritizing based on risk and urgency, ensuring that work activities are logged and tracked and that higher priority events are appropriately escalated. The Analyst helps coordinate investigations for security-related incidents and policy violations as well as participates as a key member of an integrated breach response team. The Analyst deals with sensitive and critical situations and provides training and education on Fraser Health's security procedures, policies, and standards at all levels of the organization.Responsibilities
- Conducts HIIT Security threat and risk assessments, investigations, and performs incident management activities utilizing approved processes and techniques to conduct electronic audits, review security logs and gather forensic evidence.
- Analyzes complex information through acute problem-solving to manage and investigate security incidents; develops reports, action plans, and response communications on mitigation strategies.
- Monitors and maintains security tracking tools and associated databases and prepares reports and presentations on metrics and risk trends.
- Maintains clear, concise, objective and complete documentation regarding all details of information security incidents and investigations to ensure action taken to contain and remediate these events are formally recorded.
- Monitors and interprets security alerts generated by security monitoring systems to ensure appropriate and timely response to security-related incidents.
- Participates in security, vulnerability, and risk assessments related to the information security features of the systems, networks, and related administrative activities; recommends mitigation strategies where necessary.
- Participates in the design, implementation, and evaluation of information security projects, objectives, policies, and procedures.
- Develops and proposes new operational security processes and enhancement of existing processes to ensure adherence to FH security policies, industry standards and legislated FIPPA requirements.
- Provides day-to-day guidance and direction both verbally and in writing to internal staff, physicians, clinicians, and management on information security policy, standards, and best practices.
- Assists in the delivery of Information Privacy and Security training programs and initiatives.
- Promotes good security practices and an organization culture of information security awareness.
- Performs other related duties as assigned.
Education and Experience
Bachelor's degree in Computer Science or a related field, plus five (5) years' recent, related experience in a large information technology services environment with a minimum of two (2) years' experience in an information security role, within a large organization, or an equivalent combination of education and experience. Preferred completion of intermediate to advanced information security certification from SANS, ISACA, (ISC)2 or other leading industry certification bodies.Competencies
Demonstrates the leadership practices of the Fraser Health Leadership Framework of Clear, Caring and Courageous and creates the conditions for people to succeed.Professional/Technical Capabilities:
- Comprehensive knowledge of information security principles, standards, best practices, and industry trends.
- Working knowledge of core security technologies including firewalls, anti-virus, intrusion prevention, and web content filtering. Experience in Security Incident Response.
- Investigative and analytical skills to research, analyze, and interpret data and information from a variety of disparate sources.
- Ability to utilize both analytical skills and conceptual thinking to identify and resolve issues.
- Advanced proficiency in business applications, Microsoft Office Suite, databases, internet/intranet, and report writing.
- Ability to operate related equipment including applicable software applications
- Physical ability to perform the duties of the position