Job Description:
Reporting to the Director, Information Technology, the IT Security Systems Analyst is accountable for Carefor’s information security portfolio and plays a lead role in safeguarding the organization’s technological environment.
This position owns the development and execution of security strategies, policies, and risk management frameworks that align with business objectives and Ontario Cyber recommendation and/or requirements.
Acting as a subject matter expert, the Analyst leads security initiatives, coordinates cross-functional efforts, and provides guidance to project teams through dotted-line leadership. The role is a key contributor to the cyber assessment task force and incident response team.
This position also provides input into budget planning for security initiatives, monitors adherence to approved budgets, and makes recommendations to optimize resource allocation for security-related projects and tools.
About us:
Carefor is Eastern Ontario’s largest home care and community support services not-for-profit, with over 1,200 employees operating in Eastern Counties, Ottawa, and Pembroke-Renfrew County. The founding chapter of the Victorian Order of Nurses, Carefor has been helping seniors and people living with disabilities in Eastern Ontario live with choice and dignity since 1897.
For our staff, we are proud to help them be the best they can be both now and into the future. Through comprehensive onboarding and continual training, you are continuously improving your professional practice with Carefor; and with the HOOPP pension plan, great benefits and a flexible schedule, we’re looking out for you and your family. At Carefor, we know our work matters, and we’re proud of the impact we have in people’s lives.
Primary Responsibilities Include:
Strategic Security Leadership
- Drive the planning and implementation of security policies, standards, and controls to protect sensitive data and systems.- Maintain and oversee the information security risk register, asset inventory, and compliance documentation and Carefor and vendor partners.
- Monitor emerging threats and ensure timely application of patches, updates, and preventive measures.
- Provide recommendations for security-related budget allocations and monitor spending to ensure alignment with approved plans.
Governance & Oversight
- Lead regular security assessments, audits of user accounts, and access controls to identify vulnerabilities and ensure compliance with frameworks such as NIST CSF
- Oversee security systems including antivirus, intrusion detection, audit tools, and Cyber Awareness programs.
- Prepare reports and documentation for technical and non-technical stakeholders, including management and auditors.
- Track and report on budget utilization for security systems and tools, ensuring cost-effective solutions are implemented.
Incident Response & Business Continuity
- Enhance and execute Carefor’s Incident Response and Disaster Recovery protocols; lead tabletop simulations and post-mortem analyses for security events.
- Investigate and respond to security incidents, performing root cause analysis and recommending corrective actions.
Education & Stakeholder Engagement
- Champion security best practices across the organization; deliver training and awareness programs for staff.
- Collaborate with IT teams to integrate security into systems and processes, ensuring alignment with organizational goals.
Data Protection
- Drive initiatives for data loss prevention and encryption of sensitive information at rest and in transit.
- Ensure compliance with Ontario Cyber recommendations and/or requirements and other applicable regulations.
Decision Making / Independence of Action
- Provides informed recommendations for continuous improvement aligned with Carefor’s objectives, policies, and procedures. Exercises independent judgment in day-to-day decisions.
- Escalates decisions involving significant cost, liability, reputational risk, or organizational impact as appropriate.
- Designs solutions to complex business problems and equips management with the information needed for effective decision-making.
- Makes recommendations on budget priorities for security initiatives and ensures adherence to financial guidelines when implementing solutions.
Managing and Leading
- While this role does not have direct reports, the Analyst provides dotted-line leadership for project teams and collaborates extensively with IT, business stakeholders and vendors to execute security initiatives. The position also monitors financial aspects of security projects, ensuring that expenditures align with approved budgets and recommending adjustments as needed.
- Act as a liaison to bridge between the corporate strategic security planning with 3rd party SOC providers. Translate security policies into specific SIEM rules, analyze genuine threats, incident investigation liaison, reporting/documentation, and provide recommendations to improve security posture
Qualifications Include:
- University or college degree Cyber security, Computer Science, or Programming or related field and a minimum of 5 years of relevant IT security experience or similar role or equivalent combination of education and experience Microsoft 365 certifications (Fundamentals or higher)
- CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Systems Manager) certification or equivalent
- Strong understanding of – at least one - Cyber Security frameworks (ex. NIST CSF, COBIT, GRC, …)
- Strong understanding of computer networks, operating systems, and database management is crucial.
- Good understanding of the cyber security risks associated with various technologies and ways to manage them
- Must be able to analyze security events and troubleshoot complex problems to diagnose and resolve security issues. Ability to identify and mitigate network vulnerabilities and explain how to avoid them
- Ability to work in a team oriented collaborative environment
- Knowledge of Security Regulations and Standards
- Excellent communication (both written and verbal) and interpersonal skills with a proven effective customer service focus
Qualifications considered as an asset:
- Experience working in a health care environment and/or working in a non-profit organization
- Ability to converse in both official languages
- ITIL Certification
- Microsoft Azure Security certification
- Knowledge of SIEMS solutions
What We Offer You:
- Pension Plan with the Healthcare of Ontario Pension Plan (HOOPP)
- Health and Dental Benefits
- Employee and Family Assistance Program
- Professional Development Opportunities
- Leadership team who values innovation, continuous improvement, quality and service excellence while appreciating work-life boundaries
- Staff who are deeply committed to excellent client care
Salary Range: $71,506.50-$102,765.00 (annual)
Target Hiring Range: $71,506.50-$85,722.00 (annual)
Carefor is committed to providing an inclusive, barrier-free recruitment and selection process. Please let us know in your application if you require accommodations at any stage of the recruitment process. All requests for accommodation will be considered in a fair and objective manner that will ensure applicants are treated with respect and dignity.
Pay: $36.67-$52.70 per hour
Application question(s):
- Please note that travel to various Carefor office locations may be required from time to time.
Work Location: Hybrid remote in Ottawa, ON K1G 6M8
