Who is eHealth Saskatchewan?
eHealth Saskatchewan is a Treasury Board Crown Corporation with the mandate to lead Saskatchewan Electronic Health Record (EHR) planning and strategy for the Province of Saskatchewan. We have worked with our healthcare partners to make electronic the vast majority of patient healthcare information in areas such as labs, pharmacies, radiology, surgery, emergency rooms, hospitals, and we also work in partnership with the Saskatchewan Medical Association to implement Electronic Medical Records in physician clinics. Our vision is “Empowering patients, enable care” with a mission to get the electronic information into the hands of patients and their healthcare team. This would electronically ‘connect’ the different streams of healthcare so patient information flows between healthcare providers and the patient.
The Senior Information Security Architect is a subject matter expert responsible for designing, building and testing security requirements that balance business risk, cost and usability for various eHealth IT Projects. These may include defining security solutions around systems, applications, infrastructure or processes, and may involve the integration of a wide variety of products, services and technologies.
You must have extensive knowledge of systems, architectures, networking and applications design techniques, different platform implementations and must be able to identify, evaluate and select the elements of the solution which best meet the business needs of the client organization.
Additionally, the responsibilities include reviewing current security measures, recommending enhancements, identifying areas of weakness and responding promptly to security breaches. You will also be responsible for ensuring appropriate security controls during systems or application enhancements or new projects implementation. You will collaborate with the project Managers and guide them through the security involvement in various phases of the projects. Additionally, you will engage with the team members for testing the security requirements through Threat and Risk assessments, review of change requirements, vulnerability scanning, etc.
To be successful you should be experience in security risk assessment with strong understanding of security protocols, authentication and security controls. You should be able to translate technical requirements for Non-technical users and ministry executives or visa versa.
- Participate in project design reviews to ensure infrastructure and application designs adhere to eHealth security guidelines and standards.
- Collaborate with the Solution Architects and vendors in identifying cloud security requirements and secure integration of Endpoint, Network, and Cloud solutions
- Analyze the current environment to detect critical deficiencies and recommend solutions for improvements
- Analyze security industry best practices and market trends, determine their potential impact on the enterprise, and provide leadership for adapting to our business. Evaluate emerging technologies and suggest suitable controls. Be responsive and decisive on adjusting architecture as customers' requirements, market conditions and technology evolve.
- Partner with Solution Architects to facilitate the evaluation and selection of hardware and software technology and product standards, as well as the design of standard software and solution configurations.
- Ensure existing data/information assets are identified, stewarded and leveraged across the enterprise. Balance the need for access to information against security and performance requirements.
- Ensure information security is built into architecture solutions to address all identified risks to assets within the organization, meet regulatory and legislative compliance while ensuring security solutions are leveraged across the organization.
- Prepare Security advisory on existing technology platforms. Aid and support to the Security Risk, Governance, Compliance and Operations functions.
- Provide advisory services for security risk mitigation.
- Bachelor's degree in Information Technology or Computer Science along with at least 5+ years direct information security architecture experience.
- Industry certifications including Certified Information Systems Security Professional (CISSP) Certification, Certified Information Security Manager (CISM) Certification, Open Group TOGAF, SANS GIAC or equivalent
- Experience writing proposals and translating complex solutions into simple business terms that demonstrate the value of architecture management initiatives.
- Deep understanding of key information security tools and concepts such as IAM, SSO, IPS, wireless security, firewalls, vulnerability management, penetration testing, VPN, PKI, LDAP, AD SAML and SIEM, along with an understanding of information security frameworks
- Advanced to expert working knowledge in the application of ISO 27001/2 other security compliance certifications
- Solid knowledge and hands-on experience of web technologies like Application Servers, J2EE, ESB, web services, HTTPS, SOAP, Java Script framework, Sql/NoSql Database.
- You must also have in depth knowledge of the Security landscape and possess a deep understanding of competitive solutions as it relates to Endpoint, Network, and Cloud security solutions.
If this role sounds like the opportunity you’ve been looking for to challenge yourself, make a difference in people’s lives, and showcase your abilities – we would love to hear from you.
We are committed to workplace diversity.
Number of Openings:
Jan 30, 2020, 5:59:00 AM