Senior Security Administrator
Canadian Institute for Health Information
Hybrid Remote, Toronto, ON
Compensation: Not Listed
Friday, Jul 19, 2024
11:00 AM to 3:00 PM EDT
This position requires 2 days onsite work either at our North York office or Ottawa office
Who we are
We are an organization comprised of industry thought leaders who are passionate about health data and want to make a difference in the health care field. We are an independent, not-for-profit organization and together with our partners we provide essential information on Canada's health systems, enabling decisions that lead to healthier Canadians. As a valued member of the CIHI team, you and your work will have a pivotal role in the evolution of Canada's health care systems.
CIHI is recognized as an exceptional place to work that embraces diversity, respect, integrity, collaboration and innovation.
At CIHI, we recognize what matters to our employees. Some of the benefits of working at CIHI include
Job Summary
;
Reporting to the Information Security Manager, the Senior Security Administrator is responsible for the operation and maintenance of CIHI’s security infrastructure through proactive enforcement of CIHI’s information security and management policies, procedures, standards, compliance, and risk management.
;
The Senior Security Administrator role supports and participates in CIHI’s Information Security Management System (ISMS) through the implementation, management and/or monitoring of required Information Security controls and key ISMS processes, including but not limited to, Management, Audit and Assessment, Monitoring and Reporting and Records Management.
Duties and Responsibilities
;
1.;;;;;;;;;;;;;Administers and maintains CIHI’s security systems and infrastructure (e.g. firewalls, VPNS, IPS, WAF) and associated systems and software, e.g. web proxies, cryptographic and log management systems, identity management solutions, and endpoint security software.
2.;;;;;;;;;;;;;Performs ongoing monitoring and examination of security appliance and network logs, scrutinizing network traffic, and investigating and responding to security incidents, events, breaches, and cyber security threats.
3.;;;;;;;;;;;;;Ability to configure and manage security controls and policies for cloud service providers like AWS and Azure, ensuring robust protection for cloud-based infrastructure and applications.
4.;;;;;;;;;;;;;Conducts vulnerability and risk assessments, performs root cause analysis and audits, utilizing available tools and provide recommendations for improvements.
5.;;;;;;;;;;;;;Assists with the development, implementation, and maintenance of CIHI’s IT security policies and procedures.
6.;;;;;;;;;;;;;Conducts research and remain current on emerging, threats, products, services, protocols, and standards in support of security enhancements and security/cybersecurity threats.
7.;;;;;;;;;;;;;Evaluates and tests new security software and hardware technologies as required.
8.;;;;;;;;;;;;;Provides guidance to junior members of the team on all matters related to security technology and cybersecurity.
9.;;;;;;;;;;;;;Provides on-call support on a rotational basis.
10.;;;;;;;;;;Participates in other related duties and projects as required.
Knowledge and Experience
;
·;;;;;;;;Bachelor’s degree in a relevant science discipline or equivalent experience.
·;;;;;;;;A minimum of 3-5 years as a Network/Security Administrator.
·;;;;;;;;In-depth knowledge of TCP/IP, network administration, and protocols.
·;;;;;;;;Practical experience with deploying and managing firewalls, VPN solution, intrusion prevention systems, web proxies, endpoint security solutions, SIEMs, identity management solutions, routers, network security devices, and encryption software.
·;;;;;;Proficient with server operating systems including Microsoft Windows, macOS, and Red Hat Linux.
·;;;;;;Expertise in deploying and managing security tools and services for various cloud infrastructures to identify and resolve security issues. Proficient with cloud models such as IaaS, PaaS, SaaS, including AWS, Azure AD, and Microsoft 365.Comprehensive understanding of Web applications inter-working using Windows/Linux, Apache/IIS and MS SQL/Oracle/MySQL Experience conducting vulnerability assessments, determining risk, and ensuring resolution of identified issues.
·;;;;;;;;Ability to conduct research into security issues and products as required.
·;;;;;;;;Experience in threat hunting and digital forensics would be an asset.
·;;;;;;;;Strong interpersonal and communication skills (oral and written)
·;;;;;;;;Demonstrated ability to develop and maintain documentation, policies, and procedures.
·;;;;;;;;Ability to effectively prioritize and execute tasks with minimal supervision.
·;;;;;;;;Strong organizational skills with excellent attention to detail.
·;;;;;;;;Proven experience working in a collaborative, team-oriented environment.
·;;;;;;;;Ability to lift moderately heavy objects such as servers and system appliances.
·;;;;;;;;Availability for an on-call rotation.
·;;;;;;;;Flexibility to work outside standard hours to maintain systems and participate in an on-call rotation schedule
·;;;;;;;;Fluency in English is required, bilingualism in both official languages is an asset.