Posted On May 06

Senior Information Security Specialist - Engineer

eHealth Saskatchewan

Location : Regina, SK

Headquarters : Canada

Hiring Mode : Full Time

Hiring Role : Security/Audit/Risk Engineer

Experience : Senior Level

eHealth Saskatchewan
$6,282 - $8,166 a month - Full-time
Job details
$6,282 - $8,166 a month
Job type
Who is eHealth Saskatchewan?
  • eHealth Saskatchewan is a Treasury Board Crown Corporation with the mandate to lead Saskatchewan Electronic Health Record (EHR) planning and strategy for the Province of Saskatchewan. We have worked with our healthcare partners to make electronic the vast majority of patient healthcare information in areas such as labs, pharmacies, radiology, surgery, emergency rooms, hospitals, and we also work in partnership with the Saskatchewan Medical Association to implement Electronic Medical Records in physician clinics. Our vision is “Connected Healthcare, accessible to everyone, everywhere” with a mission to “collaborate to transform healthcare through the use of information and innovative technology”.
The Role:
  • The Senior Information Security Specialist - Engineer will be responsible for strengthening eHealth’s capabilities to detect, prevent, and respond to infrastructure threats (networks, clouds, endpoints, mobile, and IoT). This includes cloud security, network security architecture transformation, next Gen anti-virus and endpoint detection & response.
Primary Responsibilities:
  • Architects, designs, implements, maintains and operates information system security controls and countermeasures.
  • Manage technical security infrastructure to include security tools such as Next Gen endpoint protection, log management, intrusion detection, and multi-factor authentication.
  • Manage and implement Threat Intelligence Tools
  • Implement and manage vulnerability management program
  • Implement and manage Data Loss Prevention program
  • Work with Security Operations team to manage vulnerabilities
  • Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage
  • Provide guidance for proactive controls based on SANS 20
  • Monitor intrusion detection and prevention systems, taking proactive and appropriate action when required
  • Participate in security reviews of new services to ensure that end products meet operational security requirements
  • Perform detailed security analysis of network communication anomalies or security risks from changes to network device configurations, document and report these risks and follow up with appropriate resources to remediate those risks.
  • Support, operate and maintain security related appliances, software and processes
  • Periodically monitor the information assets for viruses, breaches and policy violation and take appropriate action to mitigate the issues.
Minimum Qualifications:
  • Experience with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts
  • Experience with vulnerability management tools such as Nessus, Nexpose, Qualys etc.
  • Demonstrated understanding of Information Security, Endpoints, and Networking operations, integrations, processes, and management concepts
  • Demonstrated technical knowledge of current network security, network hardware, protocols, and standards
  • Experience with Identity and Access Management (IAM) and Privilege Access Management (PAM) solutions and concepts is a plus
  • Previous Network Administration experience of 1 Years or more will be a plus
  • Knowledge of Active Directory is a plus
  • Technical “hands-on” experience deploying and administering Network Security tools like IDS/IPS (Intrusion Detection System/ Intrusion Prevention System), Web traffic inspection, Network Access Control solutions, Network Traffic Monitoring & Analysis tools etc.
  • Good understanding of Technical Network controls like Firewalls, IPS/IDS, Network Device ACLs, Network isolation and segmentation, redundancy, communication encryption, VPN protocols, URL & DNS filtering etc.
  • CISSP or ability to obtain within one year of hire
  • Industry recognized certification in security (e.g., SSCP, CEH, OSCP, etc.) is a plus
  • Vendor Security certifications from Microsoft, AWS is a plus
  • University degree in Information Security, Computer Science, Information Technology, Engineering and/or related fields.
  • If this role sounds like the opportunity you’ve been looking for to challenge yourself, make a difference in people’s lives, and showcase your abilities – we would love to hear from you.
Level: MCP06
Anticipated start date: June 27, 2022
We are committed to workplace diversity.
Number of Openings : 1
Closing Date: May 21, 2022, 12:59:00 AM
eHealth Saskatchewan