Who we are
We are an organization comprised of industry thought leaders who are passionate about health data and want to make a difference in the health care field. We are an independent, not-for-profit organization and together with our partners we provide essential information on Canada's health systems, enabling decisions that lead to healthier Canadians. As a valued member of the CIHI team, you and your work will have a pivotal role in the evolution of Canada's health care systems.
CIHI is recognized as an exceptional place to work that embraces diversity, respect, integrity, collaboration and innovation.
At CIHI, we recognize what matters to our employees. Some of the benefits of working at CIHI include
Generous vacation days
Flexible benefits program from your first day on the job
HOOPP Pension Plan (Defined Pension)
Retirement Planning Program
Career Planning Program
Learning and Professional Development Program
Why is this role important?
This opportunity is for a one year salaried contract employee.
As the Information Security Architect you will ensure effective design, configuration, management, monitoring and protection of CIHI’s security infrastructure (e.g. Firewalls, Security Information and Event Management solutions (SIEM), Secure Web Gateway). You will be responsible to proactively enforce CIHI’s information security and management policies, procedures, and standards while maintaining compliance with applicable industry, regulatory, and contractual requirements and managing risk to the technical environment.
You will also be responsible to design, implement and maintain current and new network and security infrastructure architecture (devices, software, protocols and trends), ensuring the security infrastructure meets or exceeds CIHI information management security requirements and evolves with industry and regulatory changes.
What you'll do
1. Under the direction of the Manager Information Security, lead the planning, design and implementation of CIHI’s security architecture.
2. Upgrade, configure and maintain current security systems and their corresponding software, including; firewalls, IDS/IPS, SIEM, web gateways, VPN, cryptography systems, and endpoint security software.
3. Plan and lead IT security projects for deployment, integration and configuration of new security solutions and/or enhancements to existing solutions in accordance with CIHI processes and industry standards and best practices.
4. Participate and respond to security incidents as per CIHI’s security incident protocols.
5. Provide on-call support.
6. Monitor and assess risk via historic and real time security events detected by security systems such as Intrusion Detection Systems, file integrity monitoring, and SIEM and manage and resolve security incidents (breaches, vulnerabilities, malware).
7. Provide recommendations for improvements to existing (configuration/enhancements) or new security solutions (new products/installations) to improve overall enterprise security.
8. Remain current on evolving security threats and proactively implement mitigation solutions.
9. Monitor CIHI’s network and infrastructure including private and public segments against intrusion and other problematic activity and engage in host and network forensics as necessary. Interpret activity and take necessary action for resolution.
10. Design, perform, and/or oversee security auditing and penetration testing of all systems and networks to identify and respond to configuration vulnerabilities.
11. Conducts periodic vulnerability assessments and audits.
12. Continuously improve and advance CIHI’s IT infrastructure by assessing overall risk and mitigation effectiveness in face of evolving network attacks and threat vectors.
13. Provide consulting, advice and support to ITS teams on CIHI’s Security systems and architecture and industry best practices.
14. Define evaluation benchmarks to appraise, test, and select new security software and hardware technologies.
15. Assist with the development, implementation and maintenance of CIHI’s IT security policies and procedures.
16. Develop training material to help facilitate information security awareness within the organization.
17. Collaborate and provide expert guidance to ITS staff.
18. Liaise with members of the Privacy and Legal team and program areas as appropriate.
19. Provide guidance and instruction to junior team members.
What you'll bring to the table
- Graduate of a recognized university/college computer science program or equivalent.
- Minimum of 5years’ experience as a security administrator.
- Expertise in the inner workings of networks, IP Addressing and IP protocols such as TCP/IP, DNS, DHCP, HTTP, TLS, SSH, 802.1X, and IPsec.
- Expertise in architecting and administrating enterprise security solutions such as firewall HA clusters, intrusion prevention systems, SIEM solutions, Web Gateways, TLS inspection, multi-factor VPN authentication, and application sandboxing.
- Experience in creating alerts, reports, and dashboards in Splunk, expanding data collection, and configuring Splunk. Experience in using the AWS Management Console in configuring an AWS environment is an asset.
- Solid knowledge of forensic tools, techniques, and methodology.
- Deep understanding of security in the following OS platforms and technologies: MS Windows, Linux, virtualization, containerization, mobile devices, and cloud services.
- Solid understanding of tiered Web applications and it’s working in a Windows/Linux environment using Apache/IIS web servers and MS SQL/Oracle/MySQL databases.
- Strong hands-on knowledge of cryptographic suites and ciphers, hash functions, digital signatures, and encryption technologies.
- Knowledge of security best-practices for IaaS, PaaS, SaaS cloud service models
- Hands-on experience with network devices such as switches, routers, and wireless controllers.
- Ability to conduct research into security issues and products, as required.
- Strong interpersonal and both oral and written communication skills.
- Strong organizational skills.
- Excellent attention to detail.
- Ability to effectively prioritize and execute tasks with minimal supervision.
- Experience working in a team-oriented, collaborative environment.
- Lifting of moderately heavy objects, such as servers and network appliances.
- Ability to work in an on-call rotation.
- Ability to work flexible hours to maintain systems.
To find out more about this role and other exciting opportunities visit our website at www.cihi.ca and check out our 'Careers' section.
We thank all those who apply, however, only candidates selected for an interview will be contacted.
At CIHI we are committed to fostering an inclusive, barrier-free and accessible environment. Part of this commitment includes arranging accommodations to ensure an equitable opportunity to participate in the recruitment and selection process. If you require an accommodation, we will work with you to meet your needs.