CARE AND BE CARED FOR – THIS IS YOUR HOME

Are you a collaborative IT professional with expertise in cyber security? Do you enjoy the challenge of facilitating change management? Do you have exceptional communication skills with the ability to deliver effective security training sessions? Are you passionate about exceptional health care and driven by a desire to help others?

If so, take a look at this rewarding career opportunity working alongside a supportive and collaborative team of over 8,000 regulated health care and other professionals. ​​​ We are amid a momentous time for health care in Ontario as we move to a more connected health care system through the Ontario Health Teams model of care.

Home and Community Care Support Services (HCCSS) is looking for an experienced IT professional with expertise in cyber security. In this provincial role, the Cyber Security Specialist will collaborate with teams within Home and Community Care Support Services and with its partners to... ensure the timely, efficient, and quality delivery of Provincial Cyber Security Program products and services. The role contributes to the development, execution and maturing of HCCSS information security programs and serves as a security subject matter expert to the organization.

What do we offer?

We know wellness is supported with work-life balance. In an inclusive culture committed to support your passion for continuous learning, growth and innovation, we offer: ​
• Attractive comprehensive compensation packages and benefits​
• Valuable development opportunities​
• Membership in a world class defined benefit pension plan.
• Hybrid with flexible work location - this position can be located at any of the 14 Home and Community Care Support Service offices ​

What will you do?
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Protects system by defining access privileges, control structures, and resources.
• Recognizes problems by identifying abnormalities and reporting violations.
• Implements security improvements by assessing current situation, evaluating trends and anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits.
• Upgrades system by implementing and maintaining security controls.
• Prepares performance reports and communicates system status to ensure management is informed
• Conducts threat and risk analysis and analyzes the business impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues.
• Performs research, testing, evaluation, and deployment of security technology and procedures in alignment with the NIST framework.
• Runs diagnostics on any changes to data to verify any undetected breaches.
• Supports systems for specialized security features and procedures for software, networks, data centers, and hardware.
• Develops and implements information security standards, guidelines, and procedures in alignment with the NIST framework.
• Assists in the execution of Phishing Campaigns and reporting results.
• Develops firewalls to secure the network infrastructure.
• Monitors Microsoft Azure Defender alerts.
• Supplies security expertise and oversight in the management of Microsoft Defender and other security related incidents.
• Conducts counteractive protocols and report incidents.
• Maintains and tests the Incident Response Plan
• Formulates Incident Reports and obtains signoffs for resolution acceptance by the VP of Information Technology.
• Coordinates Internet Web Filtering standards and implementation.
• Grants permissions and privileges to authorized users.
• Configures anti-virus systems and consoles and conducts software upgrades.
• Manages relationships and coordinates with partners, clients and service providers while providing security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures.

What must you have?
• University degree in Computer Science, Information Technology, Information Science or related field (or equivalent combination of education and experience; certifications in cyber security (e.g. CISSP or CISA) are assets
• Ten or more years of experience in IT with minimum five years working experience in security technologies, principles, risk management, vulnerability management, monitoring and incident response, program development, and architecture.
• Experience conducting and leading Cyber Security Readiness assessments, business process analysis, continuous improvement, process redesign.
• Experience evaluating existing cyber security performance, establishing cyber security KPIs, applying performance methodologies.
• Experience in security governance including the development of policies, standards and procedures.
• Strong capabilities with Microsoft Office tools including SharePoint & Teams, Microsoft Project and Microsoft Project Server.
• Experience developing and working with security architecture and the ITIL and NIST frameworks.
• Proven experience facilitating change management including design, preparation and maintenance of security training materials
• Demonstrated ability to deliver security training sessions to stakeholders within healthcare and at different scales
• Strong understanding and ability to interpret and communicate risk management concepts.
• Working knowledge of TRA (Threat Risk Assessment) and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies.
• Knowledge of a wide variety of information systems and security technologies including Operating Systems security, LAN and WAN, Internet protocols and applications, secure communications, firewalls, intrusion detection and prevention systems, Public Key Infrastructure, identity management, identification and authentication techniques, role-based access control, malware defenses, etc.
• Understanding of typical security threats, vulnerabilities and safeguards relevant to application development, test and QA (Quality Assessment) environments, and IT data centre operations
• Strong verbal and written communications skills with the ability to effectively communicate with partners, IT leadership, technical peers, vendors, and users.
• Aptitude to work collaboratively in a team environment to accomplish organizational objectives
• Experience influencing, negotiating and building positive relationships within the team and external partners.
• We have a mandatory COVID-19 vaccination policy. As a condition of employment, all employees are required to submit proof of COVID-19 vaccination status prior to start date.

Who are we?

We are Home and Community Care Support Services, ready to serve every person in Ontario. We partner with patients and caregivers, family physicians, hospitals, long-term care and retirement homes, service providers and Ontario Health Teams, to deliver responsive, accessible, integrated, patient-centred care.

Why join us?

If you're interested in driving excellence in care and service delivery , and seeking an unparalleled opportunity to lead and learn, partner and connect, care and be cared for, this is your home.

Equity, Inclusion, Diversity and Anti-Racism Commitment

Home and Community Care Support Services is committed to a culture of equity, inclusion, diversity and anti-racism. We are committed to attracting, engaging and developing a workforce that reflects the diverse communities we serve. We welcome and encourage applications from all qualified applicants. Accommodations for persons with disabilities required during the recruitment process are available upon request.

We thank all applicants for their interest however, only those selected for an interview will be contacted
Ottawa ON

Salary Criteria