Want to make a difference in your career? Consider this opportunity!
The Senior Information Security Architect contributes to the development, execution and maturing of Ontario Health’s enterprise and cloud information security program.
A strong collaborative working relationship with the leadership team across Digital Excellence in Health (DxH) as well across Ontario Health is essential.
As a senior level architect, the security architect looks at enterprise-wide solutions and will coordinate, direct, and design activities and provides guidance to project architect throughout the project lifecycle
Here is what you will be doing :
Develop and maintain security reference architectures, network diagrams and other guidelines to support the policies and standards, enabling the delivery of target state enterprise-level Information Security capabilities, and reducing the risk of siloed and redundant solutions.
Develop security requirements and advise on technologies to be used in cloud environments during an entire project lifecycle.
Ensure optimal placement and adequacy of the technology to achieve an ideal cloud security architecture, with respect to the cloud service model being used.
Analyze proposed solution architectures, technology, design, and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes.
Acts as a subject matter expert and may take on more complex work in developing plans and deliverables and interacting with key internal partners.
Coordinate teams of internal and external subject matter experts to reach feasible security solutions for complex problems and issues across the health care sector.
Play a leading role in the implementation and realization of those solutions.
Identify, analyze, and recommend options for risk management at appropriate levels within the enterprise and the health care sector.
Manage multiple security related projects simultaneously, and present status updates to upper management.
Leverage existing best practices in addition to proposing, developing, and integrating best practices as they relate to business, policy, information, security, application and technical infrastructure architecture
Identify and escalate issues and work with projects to ensure application management and quality standards are adhered to
Keep current on business strategy decisions and its implications on the future state of Ontario Health.
Operate as a Vanguard Enterprise Security Architect by staying abreast of trends in the technology and provincial healthcare landscape.
Drive and influence strategic and tactical decisions related to security architecture, in order to maximize overall outcomes by balancing the conflicting goals of cost, security and time to production.
Participate in the development and review of emerging and existing security architecture standards, patterns and technologies.
Contribute to the definition and execution of the security architecture review process, balancing security architecture review rigor with project needs and timelines
Maintain awareness of industry practices related to IT Security architecture and drive adoption of new practices and technology relevant to Ontario Health Ontario.
Here is what you will need to be successful :
Education and Experience
BA or MBA in Computer Science, Information Systems or other related field, or equivalent work experience.
5+ or more years of experience in IT security principles, practices, technologies, programs, and procedures with a solid knowledge of IT architecture, design and development
Strong Knowledge an understanding of risk management methodologies and frameworks such as ISO 27001 / 2 and NIST
Working knowledge of TRA methodologies and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies.
Understanding of typical security threats, vulnerabilities and safeguards relevant to application development, test and QA environments, and IT (data center) operations.
Knowledge of technology life cycle
Knowledge of industry standard development, database, and infrastructure platforms
Proven ability to work in a matrix organization.
Good verbal and written communication skills including preparing and presenting and articulating architecture-related concepts to both technical and non-technical audiences
Functions at a high level of autonomy in setting objectives based on direction from management
Ability to build sustainable relationships with stakeholders, partners, and colleagues
Strong time management and organizational skills
Familiarity with Ontario’s Healthcare business domain desired
Business acumen, and the ability to communicate to executives, business domain stakeholders and technical staff alike
Superior facilitator, negotiator and communicator - both orally and written, and be able to produce clear and concise documentation including : presentation material, design / architecture documents and training material.
Experience defining governance, principals, policies and procedures.
Knowledge of Health IT systems, technical requirements and best practices is an asset
Knowledge and Skills
Certifications in in any of the following cyber security and cloud security architecture are an asset (e.g., CISSP-ISSAP, CCSP, GDSA)
Certifications in any of the following are an asset. ArchiMate, TOGAF, SABSA, Zachman is an asset
Knowledge and experience developing and working with security architecture, and IT management frameworks such as ITIL and CoBIT.
Knowledge of a wide variety of information systems and security technologies including Operating Systems security, LAN and WAN, Internet protocols and applications, secure communications, firewalls, IDS / IPS, PKI, identity and access management, identification and authentication techniques, role-based access control, malware defense, etc.
Knowledge of FIPPA and PHIPA and how it applies to healthcare IT solutions.
Be knowledgeable in Service Management, Control and Architecture frameworks (such as ITIL, PMBOK, COBIT, Zachman, TOGAF, Rational), IT Security standards and principles.
Broad knowledge on a variety of Architectural disciplines (such as Business, Application, Information, Infrastructure, Privacy and Security).
Employment Type : Permanent Full-Time.
Employment Location : Toronto, Ontario (currently virtual; subject to change). All applicants must be a resident of Ontario to be considered for roles at Ontario Health.
Internal Application Deadline Date : June 17, 2022.
Note : As part of the initial recruitment screening process, Applicants must confirm that they are Fully Vaccinated against COVID-19.
If Applicants are not Fully Vaccinated, they will be asked to identify any accommodation needs pursuant to a protected ground under the Code.
If no such accommodation is identified, the Applicant will not be eligible to proceed through the recruitment process