Manager of Cybersecurity

One of Canada's Best Diversity Employers and Greater Toronto's Top Employers for many consecutive years, William Osler Health System (Osler) provides a safe and supportive health care network to grow your career. Osler is nationally recognized for its commitment to patient safety and is Accredited with Exemplary Standing, the highest rating a Canadian hospital can receive. As a major Ontario hospital system, and home to some of the biggest specialty and emergency departments in the country, Osler serves the 1.3 million residents of Brampton, Etobicoke and surrounding communities. We are proud to offer you incredible exposure to best-in-class health care delivery and challenging hands-on opportunities to stay at the top of your game.

A hospital system built for and by the community, we continue to expand our services to meet the needs of a growing population, creating opportunities for increased hands-on skills development, cross-department training and promotional opportunities. Guided by our accomplished senior leadership team, together we are driving our vision of patient-inspired health care without boundaries.

At Osler, we invest in careers that go beyond where health care professionals like you can achieve their goals and find deep personal and professional fulfillment. Join our team today!

Reporting to the Director, Cybersecurity, Privacy and Health Information Management (HIM), the Manager, Cybersecurity, is responsible for overseeing the information security program at Osler to ensure all aspects of the program align with the organizational vision, mission and values.

The Manager provides strategic direction but at the direction of the Director, Cybersecurity, Privacy and HIM. The Manager leads the team through the information security program by establishing highly effective policies, corporate protocols and appropriate collaboration among teams. In addition, the successful candidate will assume responsibility for the education and enforcement of those protocols and matters of compliance. The Manager is required to provide mentorship to program staff and other stakeholders, both internal and external. This position will help design and facilitate the adoption of good security practices by Osler staff and is required to provide leadership support and consultations with both internal and external stakeholders.

Accountabilities:

• Identifying required resources and support
• Identifying costs and implementation
• Identifying any potential conflict with existing systems or uptime
• Review existing security posture
• Identify gaps and areas of improvements
• Consult with Director regarding budget potentially available
• Documenting risks and benefits of implementing new technology
• Reviewing and costing solutions through SSW
• Confirm internal resourcing available to support implementation, which may require the support of other teams
• Environmental scanning of peer organizations and best practices
• Reviewing existing policies for gaps and improvements
• Engaging stakeholders on potential changes and identifying operational impacts
• Communicating benefits and risks
• Seeking approval by drafting decks, briefing notes
• As a SME, provide support for investigations, threats, and documentation that may be required for law enforcement, claims or internal investigations
• Reviewing existing technologies and learning about available technologies in the market place
• Making a business case to change, through consulting with stakeholders to understand impact and opportunities for automation and enhanced security
• Maintain relationship with vendors to understand current application available, cost projections and potential available upgrade
• Maintain environmental awareness of other tools in the market and how they compare with current state, along with assess difficulty and costing (time/money/value) of adoption/removing

• Three year college diploma
• CISSP, CISA, MCSA certification required
• Five to seven years experience in a dedicated cybersecurity leadership role
• Three to five years with previous leadership experience
• Knowledge of ISO 27000 standards/NIST standards
• Familiarity with Personal Health Information Protection Act and Freedom of Information and Protection Act
• Experience in leading projects, people and application implementations
• Intermediate experience with health information systems
• Intermediate experience in information technology infrastructure
• Intermediate knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, web filtering and other industry-standard techniques and practices
• Working technical knowledge of vulnerability scanners
• Strong understanding of IP, TCP/IP and other network administration protocols
• Strong understanding of Windows operating system and Active Directory
• Must demonstrate Osler's Values of Respect, Excellence, Service, Compassion, Innovation and Collaboration

Hours: Currently days (subject to change in accordance with operational requirements)

This is a hybrid: Roles that function remotely, but require essential, regular onsite weekly work

Annual Salary:
Minimum:  $104,227.50
Maximum: $130,279.50

Application deadline: January 20, 2025

#LI-LM1

Osler values inclusivity and diversity in the workplace. We welcome and encourage applicants from diverse backgrounds. We are committed to providing accessible employment practices that are in compliance with the Accessibility for Ontarians with Disabilities Act. If you require an accommodation at any stage of the recruitment process, please notify Human Resources at [email protected].

While we thank all applicants, only those selected for an interview will be contacted. Any information obtained during the course of recruitment will be used for employment recruitment purposes only, and not for any other purpose.