Security Analyst - GRC
Top Benefits
About the role
Employment Type**:** Permanent Full-time
Location(s)****: SK-Rgna-Regina SK-Stoon-Saskatoon
Salary Range**:** $45.727 - $55.637 Hourly
Salary Supplement**:** included in hourly salary range (in-scope)
About eHealth
As leaders in digital health innovation, we transform health care through connected health systems and advancing technology. With over 800 employees across 20 communities, we support IT infrastructure in 433 healthcare locations, ensuring seamless information-sharing and timely, effective patient care. We value a culture of strategic collaborating, trust and open dialogue. Our goal is to make Saskatchewan a leader and catalyst in digital health transformation, reshaping health care for the future. Help us put Saskatchewan at the forefront of digital health innovation.
About the Role
As a GRC Analyst, you will play a critical role in identifying and managing information security risk and will ensure eHealth information systems align with regulatory requirements, internal policies and risk management frameworks such as ISO 27001 and NIST RMF.
What You’ll Do
Reporting to the Manager, Cyber Security, Governance Risk and Compliance, you will:
- Conduct risk assessments to identify vulnerabilities internally and within vendor or third-party suppliers. Identify, evaluate and monitor
information security risks and controls based on established risk criteria and recommend mitigation and remediation guidelines.
- Support the organization’s compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies,
and regulations.
- Manage risk registers and monitor remediation progress.
- Translate technical and regulatory requirements into clear, actionable steps for stakeholders .
- Collaborate with cross-functional teams.
- To develop, review, and amend policies, standards, guidelines and procedures in alignment with security frameworks like NIST, ISO, SOC.
- To evaluate the design and operational effectiveness of security controls and identify opportunities for improvement.
- Support security and risk education and awareness campaigns to further drive cyber-resilience across the organization.
- Stay up to date on current cybersecurity threats, vulnerabilities, trends, and best practices to proactively evolve the cybersecurity risk and
controls program.
- Perform other information security related duties as assigned.
What You’ll bring to the Team
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science or a related field.
- Minimum of 3 years of relevant experience in cybersecurity, governance, risk management, and compliance.
- Completion of one or more of the following certifications would be considered an asset: Security+, CC, CRISC, CISA, CISM, CISSP etc.
- Strong understanding of information security frameworks and regulations (e.g., NIST, ISO/IEC standards including 27001/27002, COBIT,
PIPEDA, HIPA, GDPR).
- Ability to collaborate, build relationships, engage, and influence key stakeholders.
- Broad understanding of business operations, strategies, and processes to guide the design, development, and implementation of information
security solutions that support business objectives.
- Commitment to continuous learning and skill development.
Competencies
- Communication Excellent ability to write a variety of detailed, accurate and clear (technical) material.
- Problem-solving abilities to diagnose technical issues and provide workable solutions quickly.
- Interpersonal skills to build effective, collaborative relationships across diverse teams and external partners.
- Ability to work independently and as part of a team, managing priorities in a fast-paced, changing environment.
- Analytical mindset to synthesize complex information and evaluate options for optimal solutions.
- Technical understanding of information security frameworks and regulations (e.g., NIST, ISO/IEC standards including 27001/27002, COBIT,
PIPEDA, HIPA, GDPR).
As one of Saskatchewan’s Top Employers this is Why You’ll Love Working Here
-
Career paths and opportunity for advancement
-
Health, dental, and pension benefits
-
Maternity and parental leave top-up payments
-
Earned days off
-
Annual pay increases
-
Work that truly matters to the people of Saskatchewan
Ready to make a real impact in healthcare technology? Join us and help shape the future of care—apply today!
We value diversity of all kinds and encourage applications from people of all backgrounds, identities, and experiences. Even if you don’t meet every single requirement, we’d still love to hear from you.
Grade: SIT11
Anticipated Start Date: November 2025
Location: Regina/Saskatoon, SK (On-site)
We are committed to workplace diversity.
Number of Openings**:** 1
Closing Date: Oct 25, 2025, 12:59:00 AM
Contact Us
About eHealth Saskatchewan
As a Treasury Board Crown Corporation, eHealth Saskatchewan facilitates development, coordination and use of information and technology to support continuing improvements in health care delivery across the province of Saskatchewan - linking together health information and systems to better meet patient health care needs.
Security Analyst - GRC
Top Benefits
About the role
Employment Type**:** Permanent Full-time
Location(s)****: SK-Rgna-Regina SK-Stoon-Saskatoon
Salary Range**:** $45.727 - $55.637 Hourly
Salary Supplement**:** included in hourly salary range (in-scope)
About eHealth
As leaders in digital health innovation, we transform health care through connected health systems and advancing technology. With over 800 employees across 20 communities, we support IT infrastructure in 433 healthcare locations, ensuring seamless information-sharing and timely, effective patient care. We value a culture of strategic collaborating, trust and open dialogue. Our goal is to make Saskatchewan a leader and catalyst in digital health transformation, reshaping health care for the future. Help us put Saskatchewan at the forefront of digital health innovation.
About the Role
As a GRC Analyst, you will play a critical role in identifying and managing information security risk and will ensure eHealth information systems align with regulatory requirements, internal policies and risk management frameworks such as ISO 27001 and NIST RMF.
What You’ll Do
Reporting to the Manager, Cyber Security, Governance Risk and Compliance, you will:
- Conduct risk assessments to identify vulnerabilities internally and within vendor or third-party suppliers. Identify, evaluate and monitor
information security risks and controls based on established risk criteria and recommend mitigation and remediation guidelines.
- Support the organization’s compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies,
and regulations.
- Manage risk registers and monitor remediation progress.
- Translate technical and regulatory requirements into clear, actionable steps for stakeholders .
- Collaborate with cross-functional teams.
- To develop, review, and amend policies, standards, guidelines and procedures in alignment with security frameworks like NIST, ISO, SOC.
- To evaluate the design and operational effectiveness of security controls and identify opportunities for improvement.
- Support security and risk education and awareness campaigns to further drive cyber-resilience across the organization.
- Stay up to date on current cybersecurity threats, vulnerabilities, trends, and best practices to proactively evolve the cybersecurity risk and
controls program.
- Perform other information security related duties as assigned.
What You’ll bring to the Team
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science or a related field.
- Minimum of 3 years of relevant experience in cybersecurity, governance, risk management, and compliance.
- Completion of one or more of the following certifications would be considered an asset: Security+, CC, CRISC, CISA, CISM, CISSP etc.
- Strong understanding of information security frameworks and regulations (e.g., NIST, ISO/IEC standards including 27001/27002, COBIT,
PIPEDA, HIPA, GDPR).
- Ability to collaborate, build relationships, engage, and influence key stakeholders.
- Broad understanding of business operations, strategies, and processes to guide the design, development, and implementation of information
security solutions that support business objectives.
- Commitment to continuous learning and skill development.
Competencies
- Communication Excellent ability to write a variety of detailed, accurate and clear (technical) material.
- Problem-solving abilities to diagnose technical issues and provide workable solutions quickly.
- Interpersonal skills to build effective, collaborative relationships across diverse teams and external partners.
- Ability to work independently and as part of a team, managing priorities in a fast-paced, changing environment.
- Analytical mindset to synthesize complex information and evaluate options for optimal solutions.
- Technical understanding of information security frameworks and regulations (e.g., NIST, ISO/IEC standards including 27001/27002, COBIT,
PIPEDA, HIPA, GDPR).
As one of Saskatchewan’s Top Employers this is Why You’ll Love Working Here
-
Career paths and opportunity for advancement
-
Health, dental, and pension benefits
-
Maternity and parental leave top-up payments
-
Earned days off
-
Annual pay increases
-
Work that truly matters to the people of Saskatchewan
Ready to make a real impact in healthcare technology? Join us and help shape the future of care—apply today!
We value diversity of all kinds and encourage applications from people of all backgrounds, identities, and experiences. Even if you don’t meet every single requirement, we’d still love to hear from you.
Grade: SIT11
Anticipated Start Date: November 2025
Location: Regina/Saskatoon, SK (On-site)
We are committed to workplace diversity.
Number of Openings**:** 1
Closing Date: Oct 25, 2025, 12:59:00 AM
Contact Us
About eHealth Saskatchewan
As a Treasury Board Crown Corporation, eHealth Saskatchewan facilitates development, coordination and use of information and technology to support continuing improvements in health care delivery across the province of Saskatchewan - linking together health information and systems to better meet patient health care needs.