Security Analyst

Job Information

Job Title: Security Analyst

Job Requisition ID: 77433

Ministry: Primary and Preventative Health Services

Location: Edmonton

Full or Part-Time: Full-time

Hours of Work: 36.25 hours per week

Permanent/Temporary: Permanent

Scope: Open Competition

Closing Date: November 26, 2025

Classification: Systems Analyst Level 2

Salary: $3,115.21 to $4,277.30 bi-weekly ($81,307 - $111,638/year)

The Ministry of Primary and Preventative Health Services builds a more resilient and sustainable health care system that supports Albertans in getting care when and where they need it, while responding to system‑wide health challenges, improving health outcomes, and maintaining fiscal responsibility. The ministry protects public health, promotes wellness, coordinates and delivers safe, person‑centered, quality health services, plans health system and capital infrastructure, supports innovative information management and technologies, regulates health care, and funds the health system.

The Department establishes the Government of Alberta’s strategic direction for health, advising the government on health policy, legislation and standards, monitoring and reporting health system performance, setting policies for the electronic/digital health environment, and providing oversight and accountability across the health system.

Role Responsibilities

Reporting to the Manager, Privacy and Security, the Security Analyst plans, implements, monitors, and evaluates information security controls supporting Alberta’s Health Sector. The role includes leading security incident response, assessing cyber threats, supporting Information Security Management Directives (ISMD) implementation, and ensuring alignment with GoA security policies and standards. The analyst collaborates closely with technical and non‑technical stakeholders across the GoA, public sector, and healthcare organizations.

- Information Security Governance & Program Support

- Contribute to the development, implementation, maintenance, and monitoring of departmental information security programs, policies, standards, and processes.

- Ensure provincial information security requirements are adhered to by custodians connected to the Electronic Health Record (EHR).

- Support IT project teams by vetting deliverables, completing threat risk assessments, and helping identify appropriate risk mitigation strategies.

- Lead or participate in cross‑government security initiatives, as required.

- Identify, assess, document, and treat security threats and risks.

- Maintain awareness of emerging cyber threats, conduct research, and translate findings into actionable recommendations.

- Ensure risks are recorded in the GoA Information Technology Security Risk Register.

- Provide executive‑level reporting on threats, incidents, and security posture.

- Technical Security Controls Management

- Maintain and configure security tools and systems in alignment with evolving threats.

- Recommend technical and process controls to balance security needs with business requirements.

- Conduct research and engage in peer learning to remain current with best practices.

- Security Incident Response

- Monitor and respond to information security incidents according to established protocols.

- Manage escalated or critical incidents, potentially leading a small incident response team.

- Produce detailed incident reports and provide status updates to management.

- Role Responsibilities Cont.

- Contribute to development of security training and awareness materials.

- Deliver training sessions and promote security best practices across the organization.

- Provide guidance and advice to stakeholders on information security practices and exceptions.

- Disaster Recovery Support

- Support program areas in developing IMT Disaster Recovery plans and documentation.

- Provide recommendations to enhance organizational resilience.

- Mentor junior staff and support team development.

- Lead or coordinate small projects or related activities.

- Participate as a subject matter expert on information security initiatives.

Competencies

- Systems Thinking: Take a long‑term, holistic view when approaching organizational objectives. Consider whole‑of‑system impacts, future risks, and emerging opportunities. Anticipate outcomes and incorporate diverse stakeholder perspectives.

- Creative Problem Solving: Tackle complex issues with curiosity and resourcefulness. Seek root causes and challenge assumptions.

- Agility: Comfortable navigating change and uncertainty. Identify alternative approaches and help others do the same.

- Develop Networks: Build strong, purposeful relationships that support shared outcomes.

- Build Collaborative Environments: Foster a culture of teamwork and open communication.

Qualifications

Minimum Recruitment Standards

- University graduation in computer, information systems, or information security, plus two years related experience; or equivalent.

- Equivalency: a related two‑year diploma in computer technology or a related discipline from a recognized postsecondary institution and four years related experience; or a related one‑year certificate and five years related experience.

}

The following experience is required:

- Technical and policy experience in the Information security field, in operational and tactical roles.

- Experience in information systems security, infrastructure planning and architecture.

- Experience with research and analysis to enhance knowledge in current and emerging trends within Information Systems Security.

- Extensive knowledge of information security standards and practices and frameworks (ISO 27K, NIST, COBIT, etc.).

- Information Security testing tools and techniques, and security & privacy enhancing technologies.

- Working knowledge of HIA and health specific principles and practices, including other relevant legislation compliance management.

Assets:

- One security certification (CISSP, CISM, CISA, CEH, GPEN, or equivalent).

Preference:

- Oral and written communication skills.

- Ability to work both independently and in a team environment.

Hours of Work

8:15 AM to 4:30 PM, Monday to Friday. This is a full‑time position working 36.25 hours per week.

Security Screening

- Final candidates will be required to undergo a security screening.

- Any costs associated with obtaining the required documents/checks and interview travel expenses will be the responsibility of the candidate.

Application Process

A cover letter outlining how your experience relates to the qualifications of this role is required. In your resume, include dates (including months and years) associated with all education and work experience and indicate whether your work experience is casual, part‑time, or full‑time.

- Positive workplace culture and work‑life balance.

- Leadership and mentorship programs.

How To Apply: Applicants are advised to provide information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies. Candidates must apply for a job online. Please visit https://www.alberta.ca/job-application-resources#before for more information.

It is recommended that applicants who have completed post‑secondary studies from outside of Canada obtain an evaluation of their credentials from the International Qualifications Assessment Service (IQAS) or from a recognized Canadian Credential Evaluator.

We thank all applicants for their interest. All applications will be reviewed to determine which candidates’ qualifications most closely match the advertised requirements. Only individuals selected for interviews will be contacted. If you require further information or an accommodation during the recruitment process, please contact Milissa Gray at Milissa.Gray@gov.ab.ca.

#J-18808-Ljbffr