Senior Architect, Information Security
eHealth Ontario
Ontario Health – Toronto, ON
6d ago

Want to make a difference in your career? Consider this opportunity!

The Senior Information Security Architect contributes to the development, execution and maturing of Ontario Health’s enterprise and cloud information security program.

A strong collaborative working relationship with the leadership team across Digital Excellence in Health (DxH) as well across Ontario Health is essential.

As a senior level architect, the security architect looks at enterprise-wide solutions and will coordinate, direct, and design activities and provides guidance to project architect throughout the project lifecycle

Here is what you will be doing :

  • Develop and maintain security reference architectures, network diagrams and other guidelines to support the policies and standards, enabling the delivery of target state enterprise-level Information Security capabilities, and reducing the risk of siloed and redundant solutions.
  • Develop security requirements and advise on technologies to be used in cloud environments during an entire project lifecycle.
  • Ensure optimal placement and adequacy of the technology to achieve an ideal cloud security architecture, with respect to the cloud service model being used.
  • Analyze proposed solution architectures, technology, design, and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes.
  • Acts as a subject matter expert and may take on more complex work in developing plans and deliverables and interacting with key internal partners.
  • Coordinate teams of internal and external subject matter experts to reach feasible security solutions for complex problems and issues across the health care sector.
  • Play a leading role in the implementation and realization of those solutions.

  • Identify, analyze, and recommend options for risk management at appropriate levels within the enterprise and the health care sector.
  • Manage multiple security related projects simultaneously, and present status updates to upper management.
  • Leverage existing best practices in addition to proposing, developing, and integrating best practices as they relate to business, policy, information, security, application and technical infrastructure architecture
  • Identify and escalate issues and work with projects to ensure application management and quality standards are adhered to
  • Keep current on business strategy decisions and its implications on the future state of Ontario Health.
  • Operate as a Vanguard Enterprise Security Architect by staying abreast of trends in the technology and provincial healthcare landscape.
  • Drive and influence strategic and tactical decisions related to security architecture, in order to maximize overall outcomes by balancing the conflicting goals of cost, security and time to production.
  • Participate in the development and review of emerging and existing security architecture standards, patterns and technologies.
  • Contribute to the definition and execution of the security architecture review process, balancing security architecture review rigor with project needs and timelines
  • Maintain awareness of industry practices related to IT Security architecture and drive adoption of new practices and technology relevant to Ontario Health Ontario.
  • Here is what you will need to be successful :

    Education and Experience

  • BA or MBA in Computer Science, Information Systems or other related field, or equivalent work experience.
  • 5+ or more years of experience in IT security principles, practices, technologies, programs, and procedures with a solid knowledge of IT architecture, design and development
  • Strong Knowledge an understanding of risk management methodologies and frameworks such as ISO 27001 / 2 and NIST
  • Working knowledge of TRA methodologies and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies.
  • Understanding of typical security threats, vulnerabilities and safeguards relevant to application development, test and QA environments, and IT (data center) operations.
  • Knowledge of technology life cycle
  • Knowledge of industry standard development, database, and infrastructure platforms
  • Proven ability to work in a matrix organization.
  • Good verbal and written communication skills including preparing and presenting and articulating architecture-related concepts to both technical and non-technical audiences
  • Functions at a high level of autonomy in setting objectives based on direction from management
  • Ability to build sustainable relationships with stakeholders, partners, and colleagues
  • Strong time management and organizational skills
  • Familiarity with Ontario’s Healthcare business domain desired
  • Business acumen, and the ability to communicate to executives, business domain stakeholders and technical staff alike
  • Superior facilitator, negotiator and communicator - both orally and written, and be able to produce clear and concise documentation including : presentation material, design / architecture documents and training material.
  • Experience defining governance, principals, policies and procedures.
  • Knowledge of Health IT systems, technical requirements and best practices is an asset
  • Knowledge and Skills

  • Certifications in in any of the following cyber security and cloud security architecture are an asset (e.g., CISSP-ISSAP, CCSP, GDSA)
  • Certifications in any of the following are an asset. ArchiMate, TOGAF, SABSA, Zachman is an asset
  • Knowledge and experience developing and working with security architecture, and IT management frameworks such as ITIL and CoBIT.
  • Knowledge of a wide variety of information systems and security technologies including Operating Systems security, LAN and WAN, Internet protocols and applications, secure communications, firewalls, IDS / IPS, PKI, identity and access management, identification and authentication techniques, role-based access control, malware defense, etc.
  • Knowledge of FIPPA and PHIPA and how it applies to healthcare IT solutions.
  • Be knowledgeable in Service Management, Control and Architecture frameworks (such as ITIL, PMBOK, COBIT, Zachman, TOGAF, Rational), IT Security standards and principles.
  • Broad knowledge on a variety of Architectural disciplines (such as Business, Application, Information, Infrastructure, Privacy and Security).
  • Employment Type : Permanent Full-Time.

    Employment Location : Toronto, Ontario (currently virtual; subject to change). All applicants must be a resident of Ontario to be considered for roles at Ontario Health.

    Internal Application Deadline Date : June 17, 2022.

    Note : As part of the initial recruitment screening process, Applicants must confirm that they are Fully Vaccinated against COVID-19.

    If Applicants are not Fully Vaccinated, they will be asked to identify any accommodation needs pursuant to a protected ground under the Code.

    If no such accommodation is identified, the Applicant will not be eligible to proceed through the recruitment process

    OH-IND-DIG

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form