Senior Specialist, Security

4 weeks ago


Toronto, Canada Ontario Health Full time

At Ontario Health, we are committed to developing a strong organizational culture that connects and inspires all team members across the province. Our vision is that together, we will be a leader in health and wellness for all. Our mission is to connect the health system to drive improved and equitable health outcomes, experiences and value. How we work together is reflected through our five values: integrity, inspiration, tenacity, humility and care. 

What Ontario Health offers: 

Achieving your career goals is a priority to us. Benefits of working at Ontario Health may include the following based on employment type:

• Fully paid medical, dental and vision coverage from your first day
• Health care spending account
• Premium defined benefit pension plan
• 3 personal days and 2 float days annually
• Individual contributors start at 3 weeks’ vacation with 4 weeks at 2 yrs. 
• Career development opportunities
• A collaborative values-based team culture
• A wellness programs 
• A hybrid working model
• Participation in 


Want to make a difference in your career? Consider this opportunity. 
 
The Senior Specialist, Security will work with various teams within Ontario Health and with its health sector partners to ensure the timely, efficient, and quality delivery of Cyber Security products and services. They will contribute to the assessment, development, execution, and maturing of OH's information security programs, and serve as a security subject matter expert to the organization. The Senior Specialist, Security typically is an individual contributor that takes a leading role in various security governance and operational initiatives by providing security expertise, facilitating collaboration, and furthering the organization's objectives.
 
Here is what you will be doing: 

• Identifies and recommends security controls and solutions, as well as the tactical approaches to deliver them, for product/services/and assessment initiatives that meet projects and customer needs and timelines, while adhering to overall OH security frameworks and approved methodologies and patterns.
• Consults on and advises and influences product/portfolio project planning by identifying security by design and significant for products in a holistic approach to ensure end products and services are aligned with OH Security program requirements.
• Assesses and identifies cross-product security control gaps and opportunities for mitigation and alignment with the security policies and standards and industry best practices, and advocates for solutions to address security gaps with product owners before releasing them to production.
• Analyzes proposed solution architectures, technology, design, and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes. Identifies, analyzes, and recommends options for risk management at appropriate levels within the enterprise and the health care sector.
• Supports the development of roadmaps, program, and product vision.
• Provides guidance on how to build and deploy secure solutions or placing compensating controls for business and technical challenges.
• Identifies dependencies in project and product deliverables and provides guidance for planning and delivery.
• Influences and guides senior and lead developers, IT Operations and Service Desk, and Architects related to Security requirements, vision, best practices, and principles.
• Delivers internal security consulting services.
• Works with a high level of autonomy in setting objectives based on minimal direction from management.
• Collaborates with internal peers and local programs to ensure alignment of security practices, controls, patterns, and solutions to mitigate identified risks and gaps.
• Stays current on security landscape and threat vectors and assesses new security trends with respect to Ontario Health’s business needs and identifies opportunities to improve the security posture of products and services and on business, technology, architecture, and solution design trends.
• Stays abreast of provincial, federal, and international security attack tools, Tactics, Techniques, and Procedures (TTPs), and secure operating trends.
• Guides and influences project team to align and build with an eye to OH's Information Security approved frameworks and methodology.
• Develops, maintains, and evolves relationships with external organizations and communities of practice. toward the betterment of Ontario Health, Ontario, and Canada wide health system cyber security practice.
• Guides and influences portfolios, partners, and health sector entities to align solutions and services to Ontario Health’s digital and cyber security vision considering provincial, national, and international mandates.
• Collaborates with and guides and mentors senior, junior and peer security specialists.
• Coaches developers, IT operations and architects about latest security threats and landscape and well as introducing tools and techniques as needed controls for securing OH digital assets, data, and operation.
• Identifies opportunities, impacts and transformations required to realize their value and assess their implications on the future state of specific products or portfolios.
• Frames information and communicates in a high-risk environment where information sharing to demonstrate transparency and trust is closely balanced with the reputational and liability risks of not sharing the appropriate information to the right audience or at the right time.
• Provides subject matter expertise in various provincial and regional cyber security governance and risk management initiatives.
• Consults with members and organizations in the health care community to implement security policies and related controls and to onboard them to regional and provincial health care initiatives.
• Tracks the implementation and remediation activities across organizations.
• Coordinates internal and external information security initiatives as a subject matter expert to reach feasible security solutions for complex problems and issues across the health care sector. Plays a leading role in the implementation and operationalization of those solutions.
• Contributes to the ongoing development and maturing of the OH security program, consulting, and assurance practices.
• Implements tools and processes to manage workflow and materials related to the information security governance.
• Prepares and maintains security-training materials, deliver security-training sessions to various stakeholders throughout the province and within the organization.
• Manages multiple clients and security related projects simultaneously and presents status updates to upper management.
• Works with IT, Development, and all other OH Enterprise teams to establish appropriate security processes, controls and ensure compliance with security policies.
• Takes a leading role in various OH security initiatives providing security expertise, facilitating collaboration and furthering OH's security objectives.
• Operates and monitors various state of the art tools to detect, prevent and mitigate cyber security threats or risks to OH.
• Works with internal and external (regional partner and vendor) stakeholders.
• Collaborates with members within OH, and with the provincial and federal level cyber security counterparts to support OH and the healthcare sector from cyber threats.
• Makes decisions where results have a major impact across the organization requiring on the fly recommendations to the project teams, developers, and IT operations while following the overall OH approved and Industry best practices.

Here is what you will need to be successful: 
 
Education and Experience 

• BA or MBA in Computer Science, Information Systems or other related field, or equivalent work experience.
• 6-8 years of overall working experience in technology/digital/systems roles.
• 3-5 of it working experience in security technologies, principles, risk management, vulnerability management, monitoring and incident response, program development, and architecture.
• Certifications in cyber security (e.g., CISSP or CISA) are required, or working towards.
• Experience conducting and leading Cyber Security Readiness assessments, business process analysis, continuous improvement, process redesign.
• Experience evaluating existing cyber security performance, establishing cyber security KPIs, applying performance methodologies.
• Experience in security governance development Policies, Standards, Procedures.
• Experience with change management including design, preparation and maintenance of security training materials, proven ability to deliver security training sessions to various stakeholders within healthcare and at different scales.
• Experience influencing, negotiating, and building positive relationships within the team and external parties.
• Experience with and knowledge of Microsoft Office tools including SharePoint & Teams, Microsoft Project and Microsoft Project Server.
• Strong knowledge and experience in the Evaluation and Synthesis of security risk using methodologies such as HTRA and frameworks such as ISO 27001/2 and NIST CSF. Expert understanding of risk assessment methodologies such as HTRA and CSF, and frameworks such as ISO 27001/2and NIST.
• Knowledge of security architecture
• Strong understanding of Security Architectural and Design concepts for products and services within Ontario Health and partners (e.g. ,Hospitals).
• Evaluation of systems knowledge and experience developing and working with security architecture, and IT management frameworks such as SABSA, and CoBIT.
• Experience conducting security risk assessments and threat modelling.
• Broad knowledge of TRA methodologies and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies
• Broad Understanding of typical security threats, vulnerabilities and safeguards relevant to application development, test and QA environments, and IT (datacenter) operations.
• Strong understanding of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. e.g., PHIPA.
• Knowledge of a wide variety of information systems and security technologies including Operating Systems security, LAN and WAN, Internet protocols and applications, secure communications, firewalls, IDS/IPS, PKI, identity management, identification and authentication techniques, role-based access control, malware defenses, etc.
• Knowledge and experience on a wide variety of information systems and security technologies including Operating Systems security, Cloud Security, SIEM, SOAR, EDR, Email Security, Firewalls, Container Security, Secure SDLC, etc.
• Experience in leading end-to-end planning, architecture, solution development, and execution of program activities.
 
Knowledge and Skills 

• Superior problem-solving and analytical skills to prioritize rapidly changing incidents, investigating and troubleshooting; track implementation/remediation activities.
• Superior communication skills, both orally and in writing to interpret and communicate risk management concepts; listen, facilitate, and communicate complex content and material to large and diverse audiences; understand and discuss technical concepts; develop security-related tools, policies, training, and other material; build strong relationships with clients.
• Ability to motivate other team members to achieve higher goals and improve the impact of technology initiatives.
• Demonstrated ability to understand and discuss technical concepts, manage trade-offs, and evaluate opportunistic innovative ideas with internal and external partners.
• Able to quickly learn new technologies and support new projects and initiatives in a rapidly changing environment.
• Ability to perform under extreme degrees of pressure during live security incidents.
• Ability to develop policies, plans, standards, assessments, and strategies in compliance with legislation, policies, and standards in support of organizational cyber activities.
• Strong ability to work in collaborative planning, consensus building, and influence between stakeholder with diverse interests.
• Adept at managing trade-offs and evaluating opportunities for innovation with internal and external partners.
• Ability to support cyber security incident response and on-call rotations.
• Ability to engage with clients with competing priorities and sometimes in political settings which can have heavy impact and load on the emotions and become stressful, that would require professional and personal soft skills to handle such situations properly.
• Ability to make decisions where results have a major impact across the organization.
 
Employment Type: Permanent Full Time
 
Salary Band: 6
 
Location: Ontario (currently hybrid; subject to change) 
All applicants must be a resident of Ontario to be considered for roles at Ontario Health. 
 
Internal Application Deadline Date: June 10, 2024
 
Ontario Health encourages applications from candidates who are First Nations, Métis, Inuit, and urban Indigenous; Francophone; Black and racialized; members of 2SLGBTQIA+ communities; trans and nonbinary; and disabled. 
We encourage applicants with accessibility needs to notify us if they have any accommodation needs in the application and/or interview process. 
 
Note: As part of the initial recruitment screening process, applicants must confirm that they are fully vaccinated against COVID-19. If applicants are not fully vaccinated, they will be required to identify any accommodation needs pursuant to a protected ground under the Code. Applicants who identify an accommodation need will be required to provide supporting documentation with respect to their need for accommodation when requested by Ontario Health. If no such accommodation is identified, the applicant will not be eligible to proceed through the recruitment process." 

#OH-IND-DIG

#LI- SR1


  • Security Specialist

    2 weeks ago


    Greater Toronto Area, Canada Melcour Security Full time

    **About us** We are experienced, professional, and agile, and our goal is to Provide best in Class Security Solutions to all of our Customers. Our work environment includes: - Modern office setting - Growth opportunities Join our team as a Security Specialist and play a crucial role in providing our customers with reliable and quality installation while...


  • Old Toronto, Canada Ontario Health Full time

    Senior Specialist, Security page is loaded Senior Specialist, Security Apply locations Ontario Health – Toronto, ON time type Full time posted on Posted 12 Days Ago job requisition id R106976 At Ontario Health, we are committed to developing a strong organizational culture that connects and inspires all team members...


  • Old Toronto, Canada Ontario Health Full time

    Senior Specialist, Security page is loaded Senior Specialist, Security Apply locations Ontario Health – Toronto, ON time type Full time posted on Posted 12 Days Ago job requisition id R106976 At Ontario Health, we are committed to developing a strong organizational culture that connects and inspires all team members...


  • Toronto, ON, Canada ASP Security Services Full time

    RESPITE SECURITY SPECIALIST Are you passionate about Safety & Security and seeking the opportunity to join a team of Security professionals? Incorporated has provided security and customer service solutions for over 20 years to Canadian clients. P provides services to some of Canada's largest airports and has a significant presence in the...


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Specialist (Risk)Location: Toronto – Downtown (Hybrid, 3 days/week on site)Our client, a leading retailer and wholesaler, is currently seeking a Senior Cyber Security Specialist (Risk) to join their dynamic team in Toronto. This role offers the opportunity to make a significant impact by providing guidance on security risk...


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Specialist (Risk)Location: Toronto – Downtown (Hybrid, 3 days/week on site)Our client, a leading retailer and wholesaler, is currently seeking a Senior Cyber Security Specialist (Risk) to join their dynamic team in Toronto. This role offers the opportunity to make a significant impact by providing guidance on security risk...


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Specialist (Risk)Location: Toronto – Downtown (Hybrid, 3 days/week on site)Our client, a leading retailer and wholesaler, is currently seeking a Senior Cyber Security Specialist (Risk) to join their dynamic team in Toronto. This role offers the opportunity to make a significant impact by providing guidance on security risk...


  • Toronto, ON, Canada Quantum Technology Recruiting Inc. Full time

    Position : Senior Cyber Security Specialist (Risk) Location : Toronto – Downtown (Hybrid, 3 days/week on site) Our client, a leading retailer and wholesaler, is currently seeking a Senior Cyber Security Specialist (Risk) to join their dynamic team in Toronto. This role offers the opportunity to make a significant impact by providing guidance on...


  • Toronto, ON, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Risk Specialist Job Type: Full-time permanent, Hybrid Our client, a leader in the retail space, is currently seeking a Senior Cyber Security Risk Specialist. This role is heavily focused on Security risk assessments, conducting in depth security analyses on new and existing solutions providing TRA reports as well as...


  • Toronto, Canada Delco Security Full time

    Delco Security is growing, and we are looking to build our Ontario team! We are currently hiring for the position of **Security Systems Specialist** in Toronto. **Delco Perks & Benefits** - **Retirement Support**: We provide every full-time permanent employee with RRSP matching for their long term plans. - **Health & Wellness**: Staying healthy is...


  • Toronto, Ontario, Canada Ontario Health Full time

    At Ontario Health, we are committed to developing a strong organizational culture that connects and inspires all team members across the province. Our vision is that together, we will be a leader in health and wellness for all. Our mission is to connect the health system to drive improved and equitable health outcomes, experiences and value. How we work...


  • Old Toronto, Canada ASP Security Services Full time

    RESPITE SECURITY SPECIALIST Are you passionate about Safety & Security and seeking the opportunity to join a team of Security professionals? A.S.P. Incorporated has provided security and customer service solutions for over 20 years to Canadian clients. We employ over 2000 employees and are a subsidiary of ICTS EUROPE, operating in 22 countries and...


  • Old Toronto, Canada ASP Security Services Full time

    RESPITE SECURITY SPECIALIST Are you passionate about Safety & Security and seeking the opportunity to join a team of Security professionals? A.S.P. Incorporated has provided security and customer service solutions for over 20 years to Canadian clients. We employ over 2000 employees and are a subsidiary of ICTS EUROPE, operating in 22 countries and...


  • Old Toronto, Canada ASP Security Services Full time

    RESPITE SECURITY SPECIALIST Are you passionate about Safety & Security and seeking the opportunity to join a team of Security professionals? A.S.P. Incorporated has provided security and customer service solutions for over 20 years to Canadian clients. We employ over 2000 employees and are a subsidiary of ICTS EUROPE, operating in 22 countries and...


  • Old Toronto, Ontario, Canada ASP Security Services Full time

    RESPITE SECURITY SPECIALISTAre you passionate about Safety & Security and seeking the opportunity to join a team of Security professionals? A.S.P. Incorporated has provided security and customer service solutions for over 20 years to Canadian clients. We employ over 2000 employees and are a subsidiary of ICTS EUROPE, operating in 22 countries and employing...


  • Old Toronto, Ontario, Canada ASP Security Services Full time

    (TTC) , Manitoba and Martime Provinces. Inc is seeking experienced police and military personnel for security specialist positions who can provide a highly visible and advance specialist service at a various posts at a critical infrastructure in a professional, competent and courteous manger. The posts will be assigned within Greater Toronto Area....


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Risk SpecialistLocation: Toronto, OntarioJob Type: Full-time permanent, HybridOur client, a leader in the retail space, is currently seeking a Senior Cyber Security Risk Specialist. This role is heavily focused on Security risk assessments, conducting in depth security analyses on new and existing solutions providing TRA...


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Risk SpecialistLocation: Toronto, OntarioJob Type: Full-time permanent, HybridOur client, a leader in the retail space, is currently seeking a Senior Cyber Security Risk Specialist. This role is heavily focused on Security risk assessments, conducting in depth security analyses on new and existing solutions providing TRA...


  • Old Toronto, Canada Quantum Technology Recruiting Inc. Full time

    Position: Senior Cyber Security Risk SpecialistLocation: Toronto, OntarioJob Type: Full-time permanent, HybridOur client, a leader in the retail space, is currently seeking a Senior Cyber Security Risk Specialist. This role is heavily focused on Security risk assessments, conducting in depth security analyses on new and existing solutions providing TRA...


  • Toronto, Canada Cleo Consulting Full time

    **Requisition: RQ00048** **RQ00048 - Senior Cyber Security Specialist** **Start Date: 2023-12-04** **End Date: 2024-11-29** **Business Days: 256.00** **# of Openings: 2** **Job Title: Senior Cyber Security Specialist** **Office Location: 200 Front St West, Toronto** **Assignment Type: Hybrid** **Notes from the Hiring Manager**: **This role will...