Junior Security Analyst

**Employment Type**: Permanent Full-time- ** Location(s)**: SK-Stoon-Saskatoon SK-Rgna-Regina- ** Salary Range**: $38.454 - $46.812 Hourly- ** Salary Supplement**: included in hourly salary range (in-scope)-
- **About eHealth**
As leaders in digital health innovation, we transform health care through connected health systems and advancing technology. With over 800 employees across 20 communities, we support IT infrastructure in 433 healthcare locations, ensuring seamless information-sharing and timely, effective patient care. We value a culture of strategic collaborating, trust and open dialogue. Our goal is to make Saskatchewan a leader and catalyst in digital health transformation, reshaping health care for the future. Help us put Saskatchewan at the forefront of digital health innovation.
- **About the Role**
As a Junior Security Analyst, you will play a key role in safeguarding eHealth’s information systems and supporting compliance with industry standards. You will help identify and assess risks, monitor security controls, and translate technical findings into actionable insights for stakeholders. This position contributes directly to building cyber-resilience across Saskatchewan’s health system, ensuring patient care is supported by secure and reliable technology.
- **What You’ll Do**
Reporting to the Manager, Cyber Security, Governance Risk and Compliance, you will:

- Conduct and support risk assessments for internal systems and third-party vendors.
- Assist in maintaining and monitoring the risk register, tracking remediation progress with business owners.
- Translate technical and regulatory requirements into clear, actionable steps for stakeholders.
- Review and align guidelines and procedures with frameworks such as NIST, ISO, SOC, and COBIT.
- Support security awareness campaigns and training sessions to strengthen organizational resilience.
- Create and maintain risk management reports in line with GRC-approved guidelines.
- Provide guidance to business units in completing security documentation and questionnaires.

**What You’ll bring to the Team**
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science or a related field.
- Minimum of 3 years of experience in cybersecurity, governance, risk management, or compliance.
- An equivalent combination of education and experience may be considered.
- Knowledge of information security frameworks and regulations (e.g., NIST, ISO/IEC 27001/27002, COBIT, PIPEDA, HIPAA, GDPR).
- Strong communication and interpersonal skills, with the ability to explain technical concepts in business terms.
- Completion of certifications such as Security+, CRISC, CISA, CISM, or CISSP is considered an asset.

**Competencies**
**Communication**: Clearly explaining technical risks and security requirements in simple, business-friendly language. Writing concise reports that meet audit and compliance standards. Actively listening to stakeholders and adapting communication style to different audiences (technical teams vs. business leaders).

**Problem-Solving**: Identifying vulnerabilities or gaps in security controls and proposing practical solutions. Using structured approaches (e.g., root cause analysis) to resolve issues. Demonstrating persistence and creativity when faced with incomplete information or complex challenges.

**Interpersonal** **skills**: Building trust and positive relationships with stakeholders across the organization. Handling disagreements constructively (e.g., when business units challenge TRA findings). Demonstrating empathy and patience when guiding non-technical staff through complex forms or compliance requirements.

**Teamwork & Independence**:Collaborating with cross-functional teams (IT, HR, Legal, Compliance) to achieve shared goals.**Respecting diverse perspectives and building consensus-driven solutions.**Working independently on assigned assessments or reports, showing initiative and accountability without constant supervision.

**Analytical** **Thinking**: Evaluating the design and effectiveness of security controls using established frameworks (NIST, ISO, SOC). Translating complex data into actionable insights for decision-makers. Spotting patterns in risk assessments to anticipate emerging threats or compliance gaps.

**Organizational Skills**:Managing multiple risk assessments, compliance tasks, and remediation follow-ups simultaneously. Keeping risk registers, documentation, and reports accurate and up to date. Prioritizing tasks effectively to meet deadlines without compromising quality.
- **Attention to Detail**:Ensuring reports, registers, and compliance documentation are complete, accurate, and audit-ready. Catching inconsistencies in vendor questionnaires or regulatory requirements before they become risks. Maintaining precision while balancing speed and efficiency in daily tasks.

**As one of Saskatchewan’s Top Employers this is Why You’ll Love Working Here**
- Career paths and opportunity for advancement
- Heal