Description
Join our team
We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.
The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cyber security posture. We manage our cyber risks and provide industry leading cyber governance, assurance and oversight to secure our data globally.
We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.
Here’s the impact you’ll make and what we’ll accomplish together
As a Cyber Incident Manager you will assist in limiting the impact of a cyber security incident, helping to coordinate the business response and ensuring key stakeholders are kept informed at key stages. You will manage a team of Root Cause analysts, whom you will mentor, grow, lead and support. You will help to ensure lessons learned from cyber security incidents are incorporated into risk management and assurance processes, SbD principles and wider security awareness
What you will do
- Develop and implement the end to end Incident Response policies and processes for TELUS Health.
- Develop and continuously improve incident response playbooks working closely with other parts of the CSO team and wider TELUS security teams.
- Ensure stakeholders across TELUS Health business and technology teams are informed and updated regarding the status of cyber incidents (non-privacy related), working closely with colleagues in CSO and the TELUS Health command center.
- Provide a lead in the development of cyber exercises designed to test incident response capabilities and business processes, applying sector specific threat intelligence.
- Provide metrics and reporting regarding incidents and incident response activities to be highlighted to business leaders and executives in TELUS Health.
- Ensure that cyber security incidents (non-privacy related) are fully remediated,, where necessary following risk management processes and escalated as necessary.
- Work with physical security personnel to ensure cyber security procedures are incorporated into physical security controls.
- Develop a collection management framework, specific to TELUS Health, that can be incorporated into detection capabilities for proactive identification of events.
- Build an effective team of analysts to help with the delivery of end to end Cyber Incident Response.
- Responsible for reporting non-privacy related cyber security incidents to external partners regulators according to reporting requirements..
Qualifications
What you bring
- Whilst this role is non-technical, it requires a good level of understanding of Cyber Incident Response frameworks, requirements and approaches.
- Expertise problem solving, working in uncertain situations and stakeholder management are essential.
- Experience in responding to incidents (cross-business) is essential.
- Ability to work effectively under pressure and to manage sensitive and confidential information.
- Ability to mentor, lead and influence others.
- Excellent verbal and written communication skills, with strong attention to detail
Nice-to-haves
- A recognised cyber security certification in Incident Response (e.g. GIAC)
- A recognised information security certification (e.g. CISSP, CISM, CRISC)
- Ability to obtain relevant security clearance.
- Understanding of the healthcare industry, the key cyber security threats and the cyber kill chain.
If you don't have 100% of the experience listed above, you should still apply. We'd love to connect and learn about your unique skills and motivation to do meaningful work by leveraging the experience you DO have.
