Security Analyst

**Job Information**

Job Requisition ID: 48175
Ministry: Health
Location: Edmonton
Full or Part-Time: Full Time
Hours of Work: 36.25 hours per week
Permanent/Temporary: Ongoing
Scope: Open Competition
Classification: System Analyst Level 2

**Salary**: $2,718.86 to $3,733.10 bi-weekly ($70,962 - $97,433/year)

The Ministry of Health leads work in the areas of Alberta health insurance and benefits, doctors, hospitals and facilities, and other healthcare supports and information. For more information on the work Alberta Health does, visit this link:
The Health Information Systems Division is responsible for the administration of Alberta’s _Health Information Act_ including health information policy and advice as well as the strategic planning and delivery of information management and technology systems and services that support the strategic goals of the Ministry and the health system.

**Role**:
The Privacy and Security team within the Ministry of Health is looking for a strong team player to join the Health Information Act (HIA) Policy, Privacy, and Security Unit. If you are a collaborative team player who takes initiative and supports a solution-focused approach to information technology security and risk management, we want to hear from you

As a Security Analyst you will be tasked with the protection of Alberta Health’s information assets from a confidentiality, integrity, and availability perspective. You will be responsible to identify, assess, monitor, detect, investigate, research, and respond to threats and incidents impacting the security of information assets.

The position supports the Department’s Information Security Management Directives (ISMD) and contributes to the safe operation of the computing environment. Incumbents may also be responsible for participating in or coordinating the development and implementation of security controls, technology, processes, policy instruments, or awareness materials.

The Security Analyst works closely with the Manager, Privacy and Security to maintain and provide risk-based information security advice for both the Department and the provincial health sector by:

- Supports the development and implementation tracking and risk management reporting of the Alberta Health Information Management Security Directives, security policies, strategies, processes, and other controls in compliance with Alberta Health and Government of Alberta Information Security Management Directives and Standards.
- Working with Information Technology operations and business areas to identify Department standards, policies, processes, and Security by Design principals; and to ensure adequate security and necessary remediations are applied and maintained within current and new IT environments.
- Provide expert support to the health sector security working group, facilitating cross-health system work and discussion with stakeholders around threats and mitigation strategies for the health sector.
- Participation in security threat risk assessment processes, identification of risk and advice, identification of necessary deliverables, and mitigation of vulnerabilities and threats.
- Facilitating information security assurance audits and reports audits (e.g. SOC 2 Type 2 vulnerability assessment, penetration tests, etc.), including analysis and provision of risk-based advice for business areas.
- Reviewing and updating department policies, and any related standards, policies, processes, and business facing supporting material.
- Reporting and documenting security metrics and incidents to management and others as required.
- Researching, analyzing, and developing advice to address information security risks for unique scenarios within a complex environment.
- Participating in cross-government initiatives involving information security as required.

Overall, you are passionate about information security and risk management. You are a team player helping those you work with to understand and address concerns. You take initiative and bring a collaborative approach to your work and professional relationships. You are adept working in a dynamic and complex environment and have an ability to leverage creative solutions using existing tools as well as resources. You have strong written and verbal communication to support Alberta Health’s efforts to manage information security and risk.

**Qualifications**:
**University Degree **in Information Systems Security Management or Information Technology or related computer technology field, and 2 years of related industry experience **is required**.
or
**Related two-year diploma** in computer technology or a related discipline from a recognized post-secondary institution and three years related experience;
or
**Related one-year certificate** from a recognized post-secondary institution and four years related experience.

Minimum recruitment standards outline the minimum education and experience required for appointment to a job classification. Re