The Privacy and Security team within the Ministry of Health is looking for a strong team player to join the Health Information Act (HIA) Policy, Privacy, and Security Unit. If you are a collaborative team player who takes initiative and supports a solution-focused approach to information technology security and risk management, we want to hear from you!
As a Security Analyst you will be tasked with the protection of Alberta Health’s information assets from a confidentiality, integrity, and availability perspective. You will be responsible to identify, assess, monitor, detect, investigate, research, and respond to threats and incidents impacting the security of information assets.
The position supports the Department’s Information Security Management Directives (ISMD) and contributes to the safe operation of the computing environment. Incumbents may also be responsible for participating in or coordinating the development and implementation of security controls, technology, processes, policy instruments, or awareness materials.
The Security Analyst works closely with the Manager, Privacy and Security to maintain and provide risk-based information security advice for both the Department and the provincial health sector by:
- Supports the development and implementation tracking and risk management reporting of the Alberta Health Information Management Security Directives, security policies, strategies, processes, and other controls in compliance with Alberta Health and Government of Alberta Information Security Management Directives and Standards.
- Working with Information Technology operations and business areas to identify Department standards, policies, processes, and Security by Design principals; and to ensure adequate security and necessary remediations are applied and maintained within current and new IT environments.
- Provide expert support to the health sector security working group, facilitating cross-health system work and discussion with stakeholders around threats and mitigation strategies for the health sector.
- Participation in security threat risk assessment processes, identification of risk and advice, identification of necessary deliverables, and mitigation of vulnerabilities and threats.
- Facilitating information security assurance audits and reports audits (e.g. SOC 2 Type 2 vulnerability assessment, penetration tests, etc.), including analysis and provision of risk-based advice for business areas.
- Reviewing and updating department policies, and any related standards, policies, processes, and business facing supporting material.
- Reporting and documenting security metrics and incidents to management and others as required.
- Researching, analyzing, and developing advice to address information security risks for unique scenarios within a complex environment.
- Participating in cross-government initiatives involving information security as required.
Overall, you are passionate about information security and risk management. You are a team player, helping those you work with to understand and address those concerns. You take initiative and bring a collaborative approach to your work and professional relationships. You are adept working in a dynamic and complex environment, and have an ability to leverage creative solutions using existing tools and resources. You have strong written and verbal communication to support Alberta Health’s efforts to manage information security and risk.