Senior Security Administrator

Who we are

We are an organization comprised of industry thought leaders who are passionate about health data and want to make a difference in the health care field. We are an independent, not-for-profit organization and together with our partners we provide essential information on Canada's health systems, enabling decisions that lead to healthier Canadians. As a valued member of the CIHI team, you and your work will have a pivotal role in the evolution of Canada's health care systems.

CIHI is recognized as an exceptional place to work that embraces diversity, respect, integrity, collaboration and innovation. Learn about our Equity, Diversity and Inclusion Strategy and the work being done to create a more inclusive and welcoming organization by focusing on how we learn, govern and practise

Why is this role important?

Reporting to the Information Security Architect, Infrastructure Services, the Senior Security Administrator is responsible for the operation and maintenance of CIHI’s security infrastructure through proactive enforcement of CIHI’s information security and management policies, procedures, standards, compliance and risk management.

The Senior Security Administrator will also contribute to the design, implementation, maintenance and evolution of network and security infrastructure devices and software, utilizing and contributing to standard operating procedures and best practices with a proactive and continuous improvement approach, while remaining current through ongoing education, research and innovation on security technology and the cyber security landscape.

The Senior Security Administrator role supports and participates in CIHI’s Information Security Management System (ISMS) through the implementation, management and/or monitoring of required Information Security controls and key ISMS processes a required, including but not limited to; Management, Audit and Assessment, Monitoring and Reporting and Records Management.

What you'll do

• Administer and maintain CIHI’s security systems and infrastructure (e.g. firewalls, VPNS, IPS, WAF) and associated systems and software, e.g. web proxies, cryptographic and log management systems, identity management solutions, and endpoint security software.
• Perform ongoing monitoring and examination of security appliance and network logs, scrutinizing network traffic, and investigating and responding to security incidents, events, breaches and cyber security threats.
• Conduct vulnerability and risk assessments, perform root cause analysis and audits, utilizing available tools and provide recommendations for improvements.
• Assist with the development, implementation and maintenance of CIHI’s IT security policies and procedures.
• Conduct research and remain current on emerging, threats, products, services, protocols, and standards in support of security enhancements and security/cybersecurity threats.
• Evaluate and test new security software and hardware technologies as required.
• Provide guidance to junior members of the team on all matters related to security technology and cybersecurity.
• Provide on-call support on a rotational basis.

What you'll bring to the table

• Undergraduate degree in a science program or equivalent.
• Minimum of 3-5 years’ experience as network/security Administrator
• Strong knowledge of TCP/IP and network administration and protocols
• Hands-on experience of firewalls, VPNs, intrusion prevention systems, web proxies, endpoint security solutions, SIEMs, identity management solutions, routers and network security devices and encryption software
• Strong knowledge of server operating systems such as Microsoft Windows, MAC and Red Hat Linux
• Solid understanding of Web applications inter-working using Windows/Linux, Apache/IIS and MS SQL/Oracle/MySQL
• Experience conducting vulnerability assessments, determining risk, and ensuring resolution of identified issues
• Ability to conduct research into security issues and products as required
• Experience with security cloud models such as IaaS, PaaS, SaaS, e.g. AWS, AZURE AD and Microsoft 365
• Experience in threat hunting and digital forensics would be an asset.
• Strong interpersonal and communication skills (oral and written)
• Demonstrated ability to develop and maintain documentation, policies and procedures
• Ability to effectively prioritize and execute tasks in minimal supervision
• Experience working in a team-oriented, collaborative environment
• Understanding of the CIHI’s goals and objective
• Lifting of moderately heavy objects such as servers and system appliances
• Ability to work in an on call rotation
• Ability to work flexible hours to maintain systems

We thank all those who apply, however, only candidates selected for an interview will be contacted.

At CIHI we are committed to fostering an inclusive, barrier-free and accessible environment. Part of this commitment includes arranging accommodations to ensure an equitable opportunity to participate in the recruitment and selection process. If you require an accommodation, we will work with you to meet your needs.