Information Security Analyst

Information Security Analyst(Job Number:

Primary Location:ON-MississaugaInformation TechnologyEmployee Type:Full-Time

Description:

Bayshore HealthCare is one of the Canada's leading providers of home and community health care services and is a privately owned company. Bayshore HealthCare is proud to showcase its achievement as a Platinum member of Canada's Best Managed Companies Program every year since 2006. Bayshore Healthcare is also recognized as Canada's Best Employers in Forbes 2023 list.

The Technical Security Analyst, under the direction of the Manager Information Security & Privacy assists with the planning and implementing of security measures to protect Bayshore's information computing systems and data that supports the company's Security program and objectives. The role's main activities include system monitoring, risk assessment, technical review of company initiatives and enhancements, policy review and development.

DUTIES AND RESPONSIBILITIES

• Support security operations by analyzing event data from multiple sources to detect unusual activities and swiftly address any security breaches or incidents. Carry out root cause analyses and implement necessary corrective measures.
• Evaluate and analyze vulnerability management reports, coordinating remediation efforts with relevant teams.
• Help maintain auditing programs to ensure compliance with Information Security policies.
• Update the risk register by conducting risk and impact assessments related to information security; collaborate with stakeholders and management to communicate risks and remediation actions.
• Oversee system security administration for designated technology platforms, which include operating systems, applications, and security systems.
• Manage the Security Exception Process to assist Security teams in tracking exceptions, managing approvals, and enhancing automation.
• Develop and implement security policies, procedures, and protocols to safeguard the organization's data and network infrastructures.
• Aid in Information System audit and compliance efforts.
• Conduct research and report on various technologies and current attack trends.
• Compile security operations metrics and provide updates to management team.
• Identify opportunities for process improvements or efficiency gains, which may involve creating tools, workflows, or playbooks to automate routine tasks for better security effectiveness.
• Assist the team in maintaining up-to-date documentation and drafting new procedures as necessary.
• Lead Bayshore's Information Security & Privacy Awareness program.
• Engage in small to medium-sized projects to integrate information security and privacy requirements for proactive information protection.
• Coordinate web assessments and penetration testing with external vendors, followed by remediation efforts.
• Complete additional security-related tasks as assigned.
• Act as a backup for the Information Security Officer.
• Be available for overtime work outside regular business hours or on weekends when needed.

DUTIES AND RESPONSIBILITIES

• Support security operations by analyzing event data from multiple sources to detect unusual activities and swiftly address any security breaches or incidents. Carry out root cause analyses and implement necessary corrective measures.
• Evaluate and analyze vulnerability management reports, coordinating remediation efforts with relevant teams.
• Help maintain auditing programs to ensure compliance with Information Security policies.
• Update the risk register by conducting risk and impact assessments related to information security; collaborate with stakeholders and management to communicate risks and remediation actions.
• Oversee system security administration for designated technology platforms, which include operating systems, applications, and security systems.
• Manage the Security Exception Process to assist Security teams in tracking exceptions, managing approvals, and enhancing automation.
• Develop and implement security policies, procedures, and protocols to safeguard the organization's data and network infrastructures.
• Aid in Information System audit and compliance efforts.
• Conduct research and report on various technologies and current attack trends.
• Compile security operations metrics and provide updates to management team.
• Identify opportunities for process improvements or efficiency gains, which may involve creating tools, workflows, or playbooks to automate routine tasks for better security effectiveness.
• Assist the team in maintaining up-to-date documentation and drafting new procedures as necessary.
• Lead Bayshore's Information Security & Privacy Awareness program.
• Engage in small to medium-sized projects to integrate information security and privacy requirements for proactive information protection.
• Coordinate web assessments and penetration testing with external vendors, followed by remediation efforts.
• Complete additional security-related tasks as assigned.
• Act as a backup for the Information Security Officer.
• Be available for overtime work outside regular business hours or on weekends when needed.

DUTIES AND RESPONSIBILITIES

• Support security operations by analyzing event data from multiple sources to detect unusual activities and swiftly address any security breaches or incidents. Carry out root cause analyses and implement necessary corrective measures.
• Evaluate and analyze vulnerability management reports, coordinating remediation efforts with relevant teams.
• Help maintain auditing programs to ensure compliance with Information Security policies.
• Update the risk register by conducting risk and impact assessments related to information security; collaborate with stakeholders and management to communicate risks and remediation actions.
• Oversee system security administration for designated technology platforms, which include operating systems, applications, and security systems.
• Manage the Security Exception Process to assist Security teams in tracking exceptions, managing approvals, and enhancing automation.
• Develop and implement security policies, procedures, and protocols to safeguard the organization's data and network infrastructures.
• Aid in Information System audit and compliance efforts.
• Conduct research and report on various technologies and current attack trends.
• Compile security operations metrics and provide updates to management team.
• Identify opportunities for process improvements or efficiency gains, which may involve creating tools, workflows, or playbooks to automate routine tasks for better security effectiveness.
• Assist the team in maintaining up-to-date documentation and drafting new procedures as necessary.
• Lead Bayshore's Information Security & Privacy Awareness program.
• Engage in small to medium-sized projects to integrate information security and privacy requirements for proactive information protection.
• Coordinate web assessments and penetration testing with external vendors, followed by remediation efforts.
• Complete additional security-related tasks as assigned.
• Act as a backup for the Information Security Officer.
• Be available for overtime work outside regular business hours or on weekends when needed.

Qualifications:

Education

• College or University level education or equivalent level of experience in the industry.
• Completion of a Security related certification is mandatory and considered an asset (CISSP, CISA, GIAC, etc.).

Experience

• Minimum 3 years' experience in a technical security consultant or analyst role.
• Demonstrates expert knowledge of network security control environments and architecture, including, system administration, intrusion detection, network architecture, enterprise threat management, perimeter controls.
• Knowledge of network security controls, appliances, including next generation perimeter security controls and web application firewalls.
• Systems administration experience, in Networks and Windows is considered a strong asset;
• Knowledge of traditional and cloud Architecture, experience of AWS or other public and private cloud technologies a plus.

Other Skills and Abilities

• Ability to work independently with minimal supervision;
• Strong verbal and written communication skills are essential;
• Ability to work effectively and collaboratively with internal staff, external partners and stakeholders.
• Demonstrates solid analysis skills
• Displays high ethics and trust values