Technical Specialist, Cybersecurity

The University Health Network, where “above all else the needs of patients come first”, encompasses Toronto General Hospital, Toronto Western Hospital, Princess Margaret Cancer Centre, Toronto Rehabilitation Institute and the Michener Institute of Education. The breadth of research, the complexity of the cases treated, and the magnitude of its educational enterprise has made UHN a national and international resource for patient care, research and education. With a long tradition of ground breaking firsts and a purpose of “Transforming lives and communities through excellence in care, discovery and learning”, the University Health Network (UHN), Canada’s largest research teaching hospital, brings together over 16,000 employees, more than 1,200 physicians, 8,000+ students, and many volunteers. UHN is a caring, creative place where amazing people are amazing the world. 

Union: Non-Union
Site: Princess Margaret Hospital
Department: Digital Security
Reports to: Director of Digital Security
Work Model: Remote 
Grade: H0:09
Hours: 37.5 per week
Salary: $95,862 to $119,828 annually (To commensurate with experience and consistent with UHN compensation policy)
Status: Permanent Full-Time
Closing Date: October 26, 2024

Position Summary

As a Technical Specialist in UHN Cybersecurity, you will play a pivotal role in safeguarding our organization's digital assets and infrastructure against cyber threats. Working under the direction of Director of Digital Security, you will be responsible for managing various aspects of cybersecurity, including Privilege Access Management, enhancing security alerts, implementing, and refining SOAR systems, overseeing vulnerability management, and elevating the overall cybersecurity posture of the organization.

Duties

• Privilege Access Management (PAM):
  • Manage and administer the Privilege Access Management solution.
  • Define and enforce privileged access policies, ensuring adherence to security best practices.
  • Implement controls to mitigate risks associated with privileged accounts and access.
  • Conduct regular audits and reviews of privileged access usage.
• Enhancement of Security Alerts:
  • Collaborate with the security operations team to analyze and enhance security alerts.
  • Develop and maintain a robust SIEM system to facilitate continuous monitoring by a dedicated team of cybersecurity analysts.
  • Develop and implement strategies to improve the detection and response capabilities of security alerting systems.
  • Investigate and respond to security incidents in a timely manner.
• Implementation and Refinement of SOAR:
  • Lead the implementation and integration of Security Orchestration, Automation, and Response (SOAR) solutions.
  • Customize and optimize SOAR workflows to automate repetitive tasks and streamline incident response processes.
  • Continuously refine SOAR capabilities based on emerging threats and organizational requirements.
• Vulnerability Management:
  • Oversee the vulnerability management program, including vulnerability scanning, assessment, and remediation.
  • Prioritize vulnerabilities based on risk and potential impact to the organization.
  • Coordinate with system owners and IT teams to ensure timely patching and mitigation of vulnerabilities.
  • Monitor and report on the effectiveness of vulnerability management efforts.
• Email Security Management:
  • Administer and manage Proofpoint email security solutions to protect against phishing, malware, and other email-borne threats.
  • Develop and enforce email security policies and procedures.
  • Monitor and analyze email security incidents and respond to threats promptly.
  • Provide ongoing tuning and optimization of Proofpoint systems to enhance email security posture.
• Improvement of Overall Cybersecurity:
  • Work collaboratively with cross-functional teams to identify and address security gaps and weaknesses.
  • Provide expertise and guidance on security best practices, standards, and compliance requirements.
  • Participate in cybersecurity awareness and training initiatives for employees.
  • Stay abreast of industry trends, emerging threats, and new technologies to continuously improve cybersecurity capabilities.

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent.
• Extensive experience in cybersecurity, with a focus on privilege access management, security alerting, SOAR, and vulnerability management.
• In-depth knowledge of BeyondTrust or similar Privilege Access Management solutions.
• In-depth knowledge of Splunk or similar SIEM solutions.
• Strong understanding of security principles, protocols, and technologies.
• Proficiency in scripting and automation for cybersecurity tasks (e.g., Python, PowerShell).
• Excellent analytical and problem-solving skills, with attention to detail.
• Effective communication skills, with the ability to convey technical concepts to non-technical stakeholders.
• Proven ability to work independently and collaboratively in a fast-paced environment.

Why join UHN?

In addition to working alongside some of the most talented and inspiring healthcare professionals in the world, UHN offers a wide range of benefits, programs and perks. It is the comprehensiveness of these offerings that makes it a differentiating factor, allowing you to find value where it matters most to you, now and throughout your career at UHN.

• Competitive offer packages
• Government organization and a member of the Healthcare of Ontario Pension Plan (HOOPP https://hoopp.com/)

• Opportunities for professional development, training and certifications.
• Close access to Transit and UHN shuttle service
• A flexible work environment
• Opportunities for development and promotions within a large organization
• Additional perks (multiple corporate discounts including: travel, restaurants, parking, phone plans, auto insurance discounts, on-site gyms, etc.)

Current UHN employees must have successfully completed their probationary period, have a good employee record along with satisfactory attendance in accordance with UHN's attendance management program, to be eligible for consideration.

All applications must be submitted before the posting close date.

UHN uses email to communicate with selected candidates.  Please ensure you check your email regularly.

Please be advised that a Criminal Record Check may be required of the successful candidate. Should it be determined that any information provided by a candidate be misleading, inaccurate or incorrect, UHN reserves the right to discontinue with the consideration of their application.

UHN is an equal opportunity employer committed to an inclusive recruitment process and workplace. Requests for accommodation can be made at any stage of the recruitment process. Applicants need to make their requirements known.

We thank all applicants for their interest, however, only those selected for further consideration will be contacted.