St. Joseph's Healthcare Hamilton

Cybersecurity Analyst


Pay: Competitive
Location: Hamilton/Ontario
Employment type: Full-Time

This job is now closed

  • Job Description

      Req#: 25619

      Cybersecurity Analyst

      Position Details

      Posting #: 25619
      Department: DS- Cybersecurity
      Employee Type: Regular, Full Time
      If Temporary, Number of Weeks:
      Union: Non-Union
      Openings Remaining: 1

      Schedule

      Work Days: Monday to Friday
      Time of Day: Days
      Shift: 7.5 hour
      Shift Start: Hours are subject to change based on operational requirements.
      This position may be scheduled at any of the following sites: Charlton Campus (Hamilton Downtown)

      Application Dates

      Opening Date: 17/08/23
      Closing Date: Open until filled

      Position Description

      Reposted

      POSITION SUMMARY:
      The Security Operations Centre (SOC) Analyst works as part of a team to monitor and identify threats to St. Joseph’s Healthcare Hamilton (SJHH) IT infrastructure. The SOC Analyst is responsible for assessing security systems and measures for weaknesses and documenting possible improvements, while actively searching the environment for threats in order to maintain the confidentiality, integrity and availability of St. Joseph’s Healthcare Hamilton (SJHH) systems.

      KEY RESPONSIBILITIES & ACCOUNTABILITIES:
      •Contributes to the corporate efforts and initiatives, as appropriate, to enhance SJHH’s mission, vision and values.
      •Performs duties in a manner that demonstrates the employee’s commitment to developing a culture of patient and staff safety through accountability, reliability, trust and teamwork.
      •Monitors information security systems, tools, network and vendors for security breaches or potential threats and performs investigations and documentation as required.
      •Responsible for triaging, detecting and investigating potential security threats and mitigating risks.
      •Investigates security breaches and participates in incident response
      •Informs senior team resources on incidents by communicating methods of attack, areas of risk and mitigation
      •Identifies high risk critical problems and escalates as appropriate.
      •Monitors and advises on information security issues related to the systems and workflows at SJHH to ensure the internal security controls are appropriate and operating as intended.
      •Monitors intrusion prevention and intrusion detection tools, and ensures processes are adhered to
      •Monitors unmanaged IoT devices and assists in securing when possible
      •Deploys and supports anti-virus/malware & anti-spam software
      •Manages and actions ongoing vulnerability scanning to reduce risk
      •Escalates, rejects and queries information requests when necessary
      •Troubleshoots and resolves security system access issues.
      •Analyzes client requests for potential risks before taking action.
      •Responds to and investigates error reports/breaches of security.
      •Assists with detailed investigations of information security breaches and/or inappropriate use of IT resources.
      •Conducts risk assessments and vulnerability scans to identify security risks, and produces security audit and compliance reports.
      •Conducts internal security audits and provides recommendations to mitigate risks to the environment.
      •Monitors and validates controlled access to corporate security zones and escalates anomalies.
      •Recommends information security improvements by assessing the current state, evaluating trends and anticipating requirements promoting continuous security posture improvement.
      •Participates and notifies to ensure incident response and risk management needs of the hospital are properly addressed.
      •Conducts initial security threat and risk assessments for applications and processes. Escalates areas of concern to senior resources.
      •Participates in configuration, support and evaluation of security tools.
      •Monitors current trends of malware and intrusions and recommends enhancements to current security protection systems.
      •Assists in the creation and maintenance of documented SOPs, policies and procedures of all systems.
      •Assists with internal and external communication to management, issue resolution, testing plans, and relevant security items when necessary.
      •Works with various business and clinical units to ensure corporate information security standards are in place and adhered to.

      QUALIFICATIONS:
      •High School Diploma required
      •1-3 year College Diploma in Computer Systems Technology Network Engineering and Security Analyst preferred
      •C|EH, C|OSINT certification preferred
      •CTF Experience, Threat hunting preferred
      •1-2 years prior information security and risk management experience
      •1-2 years previous experience in a technical role, implementing and supporting information security, operating systems, preferably in the health care industry
      •1-2 years prior experience administering healthcare security systems is preferred
      •Basic understanding of the OSI model and ability to read and interpret network diagrams
      •Ability to read and understand packet captures / protocol analyzers (Wireshark, tcpdump, etc.)
      •Knowledge of network intrusion prevention/detection techniques
      •Knowledge of SIEM solutions and alert optimization
      •Working knowledge of Operating System Software (Microsoft Windows Client and Server, Mac and Linux)
      •Understanding of Windows/Linux attack vectors and latest attack methods including the MITRE ATT&CK framework
      •Ability to assess and articulate risks to a system as a result of a suspected vulnerability, a proposed change or a compromise
      •Actively detect, respond to, and remediate security events across infrastructure
      •Close or escalate security events as necessary, while tracking incidents through to final resolution
      •Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter
      •Ensure security events and incidents are detected and escalated in a timely manner.
      •Provide analysis and investigation to determine if alerts or security events warrant incident classification.
      •Ability to establish and maintain collaborative relationships among all levels of an organization.
      •Strong interpersonal, written and oral communication skills
      •Basic understanding of Firewalls, Intrusion Detection, Endpoint Security, SIEM, PAM, Email Security, Vulnerability Scanning, Enterprise Network technologies, Remote Access, Operating System Logs
      •Basic understanding of advanced security protocols and standards, as well as software and security architectures

      HOURS OF WORK:
      Monday to Friday; Days

      PLEASE NOTE:
      Vaccines (COVID-19 and others) are a requirement of the job unless you have an exemption on a medical ground pursuant to the Ontario Human Rights Code.

      St. Joe’s fosters an environment where we celebrate diversity, where teams reflect the diversity of the community in which we serve, enhancing the connection to patients, clients, community, and each other.

      St. Joseph’s Healthcare Hamilton (SJHH) is an equal opportunity employer and strives for equity, inclusiveness, and diversity in all our programs, practices, facilities, and people. We foster a culture of patient and staff safety where all positions comply and work in conjunction with the Mission, Vision, and Core Values of SJHH.

      We thank all applicants for their interest, however, only those selected for an interview will be contacted. SJHH is committed to a barrier-free recruitment and selection process - please inform us should accommodation be required at any point in the recruitment process.

  • About the company

      St. Joseph's Healthcare Hamilton is a 777-bed academic health science centre in Hamilton, Ontario, Canada that is affiliated with the Michael G.