Information Security Consultant

Job Summary Reporting to the Manager, Information Security, the Information Security Consultant ensures effective design, configuration, management, monitoring and protection of CIHI’s security infrastructure (e.g. Cloud Environment, Firewalls, Security Information and Event Management solutions (SIEM)). The Information Security Consultant is responsible to proactively enforce CIHI’s information security and management policies, procedures, and standards while maintaining compliance with applicable industry, regulatory, and contractual requirements and managing risk to the technical environment. This role ensures the security infrastructure meets or exceeds CIHI information security management requirements outlined below, while adapting and evolving with industry and regulatory changes. Duties and Responsibilities Leads the planning, design, and implementation of CIHI’s security environment. Oversees the secure deployment of cloud services provided by AWS, Azure, and other vendors, including cloud-based applications, platforms, and infrastructure, incorporating comprehensive security controls and monitoring solutions. Designs, configures, and manages security controls and policies in AWS and Microsoft Azure, ensuring robust protection for cloud-based infrastructure and applications. Upgrades, configures and maintains current security systems and their corresponding software, including firewalls, IDS/IPS, SIEM, web gateways, VPN solution, cryptography systems, and endpoint security software. Plans and leads IT security projects for deployment, integration, and configuration of new security solutions and/or enhancements to existing solutions in accordance with CIHI processes and industry standards and best practices. Participates and responds to security incidents as per CIHI’s security incident protocols and leads creation of incident playbooks and incident response tabletop exercises. Monitors and assesses risk, resolves security incidents (breaches, vulnerabilities, malware) and provides recommendations for improvements to existing configuration/enhancements or new security solutions for cloud and on premises architecture to improve overall enterprise security. Remains current on evolving security threats and proactively implement mitigation solutions. Leads periodic vulnerability assessments, penetration testing and internal audits to ensure staff preparedness and infrastructure compliance with various regulatory requirements. Provides consulting, advice, and support on CIHI’s Security systems and architecture and industry best practices. Defines evaluation benchmarks to appraise, test, and select new security software and hardware technologies. Assists with the development, implementation, and maintenance of CIHI’s IT security policies and procedures. Leads the development of training material to facilitate information security awareness within the organization. Liaises with members of the Privacy and Legal team and program areas as appropriate. Provides guidance and instruction to junior team members. Provides on-call support on a rotational basis. Knowledge and Experience Graduate of a recognized university/college computer science program or equivalent. Minimum of 5 - 7 years’ experience as a security administrator with at least 2 years as cloud security administrator. AWS Certified Security Specialist/ Palo Alto PCNSE certification or equivalent security certification. Expertise in the design of networks, IP Addressing and IP protocols such as TCP/IP, DNS, DHCP, HTTP, TLS, SSH, 802.1X, and IPsec. Proficient in designing and managing enterprise security solutions such as firewall HA clusters, intrusion prevention systems, SIEM solutions, Web Gateways, Web Application Firewalls, Cloud Security Posture Management solutions, multi-factor VPN authentication, and application sandboxing. Experience in security for various cloud service models like IaaS, PaaS, SaaS, for cloud providers like AWS and Microsoft Azure, including the implementation of security best practices and compliance. Proven ability to design, configure and manage security controls and policies in AWS and MS Azure. Experience in creating alerts, reports, and dashboards using SIEM solutions. Demonstrated knowledge of forensic tools (Wireshark), techniques, and methodology. Expert understanding of security in the following OS platforms and technologies: MS Windows, Linux, virtualization, containerization, mobile devices, and cloud services. Proficient understanding of tiered Web applications and it’s working in a Windows/Linux environment using Apache/IIS web servers and MS SQL/Oracle/MySQL databases. Knowledge of NIST Cybersecurity framework and ISO 27001:2022 Ability to conduct research into security issues and products, as required. Strong interpersonal and both oral and written communication skills. Excellent organizational skills and attention to detail. Ability to effectively prioritize and execute tasks with minimal supervision. Experience working in a team-oriented, collaborative environment. Lifting of moderately heavy objects, such as servers and network appliances. Flexibility to work outside standard hours to maintain systems and participate in an on-call rotation schedule. Fluency in English is required, bilingualism in both official languages is an asset.

Location: Toronto, CA

Posted Date: 10/7/2024