Security & Risk Manager - Information Management & Technology
Top Benefits
About the role
About the Opportunity
The IM/IT Security & Risk Manager (SRM), reports to an IM/IT Director of IT Security, Risk Management and Digital Infrastructure and will provide direction to IM/IT Security & Risk (SRM) and IM/IT Security & Risk Analysts. This position supports the analysis, classification, and response to cybersecurity risks within an organization and has a solid understanding of enterprise security architecture. The SRM addresses cybersecurity risk and analyses the potential business and customer risk, aligning processes and controls to the relevant frameworks and internal systems. The IM/IT SRM manages their team to collaborate with key clinical and business stakeholders throughout the province as the organization, in partnership with the province’s Internal Services Department and the Department of Health and Wellness, moves towards the rationalization of disparate systems and the OPOR strategy.
The IM/IT SRM will be committed to a high standard of performance and will provide support across the organization to leverage IT applications aligned with the NSH’s and its client’s strategic mission, vision and goals. Demonstrating leadership behaviors and capabilities, consistent with LEADS in a Caring Environment framework.
About You
We would love to hear from you if you have the following:
- B.Sc. in Computer Science/Information Security/B. Business with Major in Information Technology or 6+ years equivalent experience in an Information Technology and Information Risk Management
- 4+ years’ experience as a Security Analyst, Information Risk Analyst or Enterprise Architecture - Security Architect
- 2+ years’ experience leading a risk management or cyber security team
- 4+ years' experience as Manager - Cybersecurity an asset
- The following certifications considered an asset - CISSP, CRISC, CISA, CISM, ISO 31000, HCISPP, ISSMP, GIAC (GSLC), GIAC (GSTRT
- Strong applied knowledge of the following preferred:
- Security & Privacy Incident Response (NIST 800-61) & Event Management Processes
- Canadian Privacy Requirements (PIPEDA)
- Current Security Technologies and Tools
- Cloud Services (SaaS PaaS IaaS) as well as Microsoft Azure and Amazon AWS security practices
- Vulnerability Management processes, technologies and practices (NIST 800-40) and information Security Testing & Assessments (NIST 800-115)
- Supply Chain Risk Management (NIST 800-161)
- Risk Assessment methodologies and practices NIST 800-30, NIST 800-39 & ISO 31000
- Project Management Methodologies (Waterfall and Agile)
- Frameworks: NIST800-53, NIST CSF, ITIL, ISO 27001/02, MITRE ATT&CK® COBIT2019, FEDRAMP, CSA CAIQ
- Internal/External Audit Processes
- Please ensure your resume is up to date and includes all relevant education, experience, training, and certifications.
Hours
- Permanent, Full-time Position; 75 Hours Bi-weekly
Compensation and Benefits
$46.36 - $57.95 Hourly
Successful candidates may be eligible for our benefits package which includes health, dental, travel, long-term disability, and life insurance coverage as well as a defined benefit pension plan.
About Nova Scotia Health Authority
We are Nova Scotia Health. We are rural and urban. We are in hospitals, health centres and community. We serve individuals and communities from Yarmouth to Cape Breton, from Amherst to Halifax, and everything in between.
We are researchers and learners, looking for new ways to prevent and treat disease and maintain health. We are partners – with community groups, schools, government, foundations and auxiliaries, community health boards and, most importantly, with you.
Most of all, we are a community of caring, compassionate people who care deeply about health, healing and learning. Together with you, we will create a healthier Nova Scotia.
Mission: Working together to achieve excellence in health, healing and learning
Vision: Healthy people, healthy communities – for generations
Security & Risk Manager - Information Management & Technology
Top Benefits
About the role
About the Opportunity
The IM/IT Security & Risk Manager (SRM), reports to an IM/IT Director of IT Security, Risk Management and Digital Infrastructure and will provide direction to IM/IT Security & Risk (SRM) and IM/IT Security & Risk Analysts. This position supports the analysis, classification, and response to cybersecurity risks within an organization and has a solid understanding of enterprise security architecture. The SRM addresses cybersecurity risk and analyses the potential business and customer risk, aligning processes and controls to the relevant frameworks and internal systems. The IM/IT SRM manages their team to collaborate with key clinical and business stakeholders throughout the province as the organization, in partnership with the province’s Internal Services Department and the Department of Health and Wellness, moves towards the rationalization of disparate systems and the OPOR strategy.
The IM/IT SRM will be committed to a high standard of performance and will provide support across the organization to leverage IT applications aligned with the NSH’s and its client’s strategic mission, vision and goals. Demonstrating leadership behaviors and capabilities, consistent with LEADS in a Caring Environment framework.
About You
We would love to hear from you if you have the following:
- B.Sc. in Computer Science/Information Security/B. Business with Major in Information Technology or 6+ years equivalent experience in an Information Technology and Information Risk Management
- 4+ years’ experience as a Security Analyst, Information Risk Analyst or Enterprise Architecture - Security Architect
- 2+ years’ experience leading a risk management or cyber security team
- 4+ years' experience as Manager - Cybersecurity an asset
- The following certifications considered an asset - CISSP, CRISC, CISA, CISM, ISO 31000, HCISPP, ISSMP, GIAC (GSLC), GIAC (GSTRT
- Strong applied knowledge of the following preferred:
- Security & Privacy Incident Response (NIST 800-61) & Event Management Processes
- Canadian Privacy Requirements (PIPEDA)
- Current Security Technologies and Tools
- Cloud Services (SaaS PaaS IaaS) as well as Microsoft Azure and Amazon AWS security practices
- Vulnerability Management processes, technologies and practices (NIST 800-40) and information Security Testing & Assessments (NIST 800-115)
- Supply Chain Risk Management (NIST 800-161)
- Risk Assessment methodologies and practices NIST 800-30, NIST 800-39 & ISO 31000
- Project Management Methodologies (Waterfall and Agile)
- Frameworks: NIST800-53, NIST CSF, ITIL, ISO 27001/02, MITRE ATT&CK® COBIT2019, FEDRAMP, CSA CAIQ
- Internal/External Audit Processes
- Please ensure your resume is up to date and includes all relevant education, experience, training, and certifications.
Hours
- Permanent, Full-time Position; 75 Hours Bi-weekly
Compensation and Benefits
$46.36 - $57.95 Hourly
Successful candidates may be eligible for our benefits package which includes health, dental, travel, long-term disability, and life insurance coverage as well as a defined benefit pension plan.
About Nova Scotia Health Authority
We are Nova Scotia Health. We are rural and urban. We are in hospitals, health centres and community. We serve individuals and communities from Yarmouth to Cape Breton, from Amherst to Halifax, and everything in between.
We are researchers and learners, looking for new ways to prevent and treat disease and maintain health. We are partners – with community groups, schools, government, foundations and auxiliaries, community health boards and, most importantly, with you.
Most of all, we are a community of caring, compassionate people who care deeply about health, healing and learning. Together with you, we will create a healthier Nova Scotia.
Mission: Working together to achieve excellence in health, healing and learning
Vision: Healthy people, healthy communities – for generations