IM IT Security and Risk Analyst - Jobs in Halifax, NS

Job Description

Req ID: 139025Company: Nova Scotia HealthLocation: Central Zone, Bethune Building - QEIIDepartment: IMIT SECURITY RISK MGMT-CNSType of Employment: Permanent Hourly FT (100% FTE) x 1 position(s)Status: MGMT/NON-Union Management/Non Union PositionPosting Closing Date: 22-Aug-22Nova Scotia Health is the largest provider of health services in Nova Scotia, with some specialized services also offered to clients throughout Atlantic Canada. We’re on a mission to achieve excellence in health, healing and learning through working together, which is reflected in the hospitals, health centres and community-based programs we operate across the province. Our passionate team of professionals provides a variety of high-quality inpatient and outpatient services including academic, tertiary, and quaternary care, as well as continuing care, primary health care, public health, and mental health and addictions. Join a diverse team of innovators, collaborators and creative thinkers today.Nova Scotia Health employs professionals in all corners of our beautiful province. We believe theres a place here for everyone to call home, from vibrant cities with exuberant nightlife to quaint towns with picturesque trails. The work-life balance that comes with an Nova Scotia Health role means youll have the time to explore, discover, and participate in that coveted Atlantic lifestyle. Visit us today and check out www.novascotia.com to see why more people from across the globe are moving here.ResponsibilitiesThe IM/IT Security & Risk Analyst (SRA) supports the analysis, classification, and response to cybersecurity risks within an organization. The SRA addresses cybersecurity risk and analyses the potential business and customer risk, aligning processes and controls to the relevant frameworks and internal systems.Information Security & Risk Management:

• Ensure security controls are adequate to protect sensitive information systems as defined by the Canadian Centre for Cyber Security Cryptographic Algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B Information (ITSP.40.111)
• Align security control recommendations
• Conduct cost benefit analysis on (preventative, detective and responsive) security controls to maximize control coverage and Return on Investment (ROI)
• Ensure technology risks, as well as opportunities gained, are identified and communicated to management and various stakeholders
• Work with various stakeholder to investigate information technology risk with the various stakeholders, providing recommendations and security controls to manage technology risk
• Conduct annual risk assessments
• Identify and consolidate contractual and legal requirements
• Develop information security policies, procedures and standards specific to Nova Scotia Health
• Track the inventory of systems and devices to ensure the vulnerability management function is aligned with asset criticality and data sensitivity
• Notify operational teams on vulnerability status, following up on remediation activities and the target remediation deadlines
• Stay conversant on current advances in all areas of information technology affecting the Healthcare systems (people, processes and technology) concerning vulnerabilities, security breaches or attacks from both insider (malicious or unintentional) and external malicious attacks
• Ongoing evaluation of IM/IT systems ensuring security controls are performing as designed
• Working with IM/IT ensuring compliance with security controls and deficiencies
• Identify defensive steps including network security, firewalls/firewall rules, security software, encryption, identity management, configuration management and logging
• Communicate recommended disaster recovery and business continuity preparations and testing processes
• Support and deliver the Cyber Security Awareness program across IM/IT and other stakeholders utilizing systems and data

Qualifications

• B.Sc. in Computer Science/Information Security/B. Business with Major in Information Technology or 4+ years equivalent experience in an Information Technology and Information Risk Management
• 1-2 years experience as a Security Analyst or Information Risk Analyst
• The following certifications considered an asset - CISSP, CRISC, CISA, CISM, ISO 31000, HCISPP, ISSMP, GIAC (GSLC), GIAC (GSTRT)
• Strong applied knowledge of:
• Security & Privacy Incident Response & Event Management Processes
• Canadian Privacy Requirements
• Current Security Technologies and Tools
• Cloud Services and Amazon AWS security practices
• Vulnerability Management processes, technologies and practices and information Security Testing & Assessments
• Supply Chain Risk Management
• Risk Assessment methodologies and practices
• Project Management Methodologies (Waterfall and Agile)
• Frameworks: NIST800-53, NIST CSF, ITIL, ISO 27001/02, MITRE ATT&CK(R) COBIT2019, FEDRAMP, CSA CAIQ
• Internal/External Audit Processes

Hours of Work

• Permanent full time position; 70 hours bi-weekly

Salary Information$31.08 - $38.85 hourlyOnce Youve AppliedThank you for your interest in this position. Only those applicants selected for an interview will be contacted.This is a Management/Non Union bargaining unit position. Preference is given to bargaining unit employees for unionized positions. Employees are encouraged to view their seniority hours and dates in their SuccessFactors online profile. Successful applicants changing unions, bargaining units or employment status, are advised to seek clarification regarding their seniority, benefits, and vacation entitlement and/or usage, prior to accepting the position.As per the COVID-19 Mandatory Vaccination Protocol in High-Risk Settings, Nova Scotia Health requires all team members to be fully vaccinated by November 30th, 2021.Nova Scotia Health is committed to being a workforce that is free of discrimination, values diversity and is representative, at all job levels, of the people we serve. We encourage all qualified applicants who self-identify as Indigenous, Black/African Nova Scotian, Persons of Colour, Immigrants/Newcomers, Persons with Disabilities, 2SLGBTQIA+ to apply and self-identify.Follow Us!https://www.facebook.com/NovaScotiaHealthAuthority/https://www.instagram.com/novascotiahealthauthorityhttps://www.linkedin.com/company/nsha/https://twitter.com/healthnsQuick Apply

• Terms & Conditions
• New Privacy
• Privacy Center
• Accessibility

For Job Seekers

• Browse Jobs
• Advanced Job Search
• Emplois Quebec

For Employers

• Post a Job
• SimplyHired OnDemand

Stay Connected