Cybersecurity Analyst

**Cybersecurity Analyst**:
**Position Details**:
**Department**: DS- Cybersecurity
**Employee Type**: Regular, Full Time
**If Temporary, Number of Weeks**:
**Union**: Non-Union
**Openings Remaining**: 1

**Schedule**:
**Work Days**: Monday to Friday
**Time of Day**: Days
**Shift**: 7.5 hour
**This position may be scheduled at any of the following sites**: Charlton Campus (Hamilton Downtown)

**Application Dates**:
**Opening Date**: 20/04/23
**Closing Date**: 27/04/23 Applications must be received online by 12:00 midnight on the Closing Date

**Position Description**:
***:
The Security Operations Centre (SOC) Analyst works as part of team to monitor and identify threats to St. Joseph’s Healthcare Hamilton (SJHH) IT Infrastructure. The SOC Analyst is responsible for assessing security systems and measures for weaknesses and documents possible improvements while actively searching the environment for threats in order to maintain the confidentiality, integrity and availability of St. Joseph’s Healthcare Hamilton (SJHH) systems.

**KEY RESPONSIBILITIES & ACCOUNTABILITIES**:

- Contributes to the corporate efforts and initiatives, as appropriate, to enhance SJHH’s mission, vision and values.
- Performs duties in a manner that demonstrates the employee’s commitment to developing a culture of patient and staff safety through accountability, reliability, trust and team work..
- Monitors information security systems, tools, network and vendors for security breaches or potential threats and performs investigations and documentation as required.
- Responsible for triage, detection, and investigating potential security threats and mitigates risks.
- Investigates security breaches and participates in incident response
- Informs senior team resources on incidents by communicating methods of attack, areas of risk and mitigation
- Identifies high risk critical problems and escalates as appropriate.
- Monitors and advises on information security issues related to the systems and workflows at SJHH to ensure the internal security controls are appropriate and operating as intended.
- Monitors intrusion prevention and intrusion detection tools, and ensures processes are adhered to
- Monitors unmanaged IoT devices and assists in securing when possible
- Deploys and supports anti-virus/malware & anti-spam software
- Manages and actions ongoing vulnerability scanning to reduce risk
- Escalates, rejects and queries information requests when necessary
- Troubleshoots and resolves security system access issues.
- Analyzes client requests for potential risks before taking action.
- Responds to and investigates error reports/breaches of security.
- Assists with detailed investigations of information security breaches and/or in appropriate use of IT resources.
- Conducts risk assessments, vulnerability scans, to identify security risks and produces security audit and compliance reports.
- Conducts internal security audits and provides recommendations to mitigate risks to the environment.
- Monitors and validates controlled access to corporate security zones and escalate anomalies.
- Recommends information security improvements by assessing the current state, evaluating trends and anticipating requirements promoting continuous security posture improvement.
- Participates and notifies incident response and risk management needs of the hospital are properly addressed.
- Participates in configuration, support and evaluation of security tools.
- Monitors current trends of malware and intrusions and recommends enhancements to current security protection systems.
- Assists in the creation and maintenance of documented SOPs, policies and procedures of all systems.
- Assists with internal and external communication to management, issue resolution, testing plans, and relevant security items when necessary.
- Works with various business and clinical units to ensure corporate information security standards are in place and adhered to.

**QUALIFICATIONS**:

- High School Diploma required
- 1-3 year College Diploma in Computer Systems Technology Network Engineering and Security Analyst preferred
- C|EH, C|OSINT certification preferred
- CTF Experience, Threat hunting preferred
- 1-2 years prior information security and risk management experience
- 1-2 years previous experience in a technical role, implementing and supporting information security, operating systems, preferably in the health care industry
- 1-2 years prior experience administering healthcare security systems is preferred
- Basic understanding of the OSI model and ability to read and interpret network diagrams
- Ability to read and understand packet captures / protocol analyzers (wireshark, tcpdump, etc.)
- Knowledge of network intrusion prevention/detection techniques
- Knowledge of SIEM solutions and alert optimization
- Working knowledge of Operating System Software (Microsoft Windows Client and Server, Mac and Linux)
- Understanding of Windows/Linux attack vectors and latest