Specialized Informatics Analyst Associate To The Chief Information Sec
- Rate TBD
- Location Montreal, QC Canada (On-site)
- Type of project IT & Software, Specialized Help, Writing/Translation Engineering, Information system analyst, Translation: English, Translation: French
- Duration contract ongoing
- Education required College/University
- Years of experience 2 - 5 years
- Type of employment N/A
- Area of Specialization Computer Sciences
- Languages required N/A Workhoppers Home Montreal QC
Job Description :
We are currently looking for candidates to fill the position of Specialized Informatics Analyst, associate to the Chief Infor-mation Security Officer (CSIO). Our institution includes more than 30 sites, with a budget of more than $850 million for operating activities including main and peripheral activities.
The specialized informatics analyst, associate to the Chief Information Security Officer (CSIO), will be re-quired to work in a context of major change and great complexity following the merger and integration of several institutions with a number of different facilities, missions and professions. He/she will be working within the Digital Health Directorate and have the responsibility of working with the teams across the CIUSSS to help with planning activities, and project coordination thereby improving the delivery and quality of care and services.
Added to this transformation is the duty of reconciling it within a vast and complex legal framework, and en-suring compliance with performance and transparency obligations. The current situation calls for candidates who have demonstrated a very strong sense of responsibility and accountability, high-level skills in change management, while ensuring continuous improvement of quality, performance, efficiency and effectiveness, as well as great budgetary stringency.
Summary of Role and Responsibilities:
The specialized informatics analyst, associate to the Chief Information Security Officer (CSIO), works in col-laboration with the information governance advisor and provides support to the Chief Information Security Officer (CISO) of the West-Central Montreal Health organization with respect to information security frameworks, and compliance to specific requirements and rules adopted by the Director of Information Resources, the Ministry of Health and will contribute to the coordination of future information security actions.
You will assist the Digital Health Directorate in leading a large-scale effort to transform and continuously im-prove digital health in the organization, based on Ministerial directives and expected results. Your work will contribute to supporting the transformational vision of digital health for the organization and, in turn, support and enhance clinical care.
Under the direct supervision of the Associate Director of Digital Health, you will work closely with organizational partners such as Medical Records, Information Resources (cybersecurity, networking, application architecture) and biomedical engineering to ensure a cohesive information security framework, using best practices and requirements to maintain security protocols and data governance. You will provide support to management and coordinate the implementation of information governance and security strategies to ensure a cohesive information security framework across the organization, both in the Hospital and in the Community.
In this regard, the specialized informatics analyst, associate to the Chief Information Security Officer (CSIO), will have the following key responsibilities:
• Plans the activities required to implement an information security within the CIUSSS
• Ensures the information security framework within the CIUSSS, oversees the application of the infor-mation security policy and management framework, and ensures that the CIUSSS complies with the specific rules and guidelines of the Ministry of Health and Social Services and the Treasury Board Sec-retariat regarding information security;
• Acts as an associate to the Chief Information Security Officer (CSIO) at the CIUSSS by informing the various information security stakeholders of the Provincial orientations and priorities and ensures their implementation;
• Ensures CIUSSS participation in provincial information security management processes;
• Contributes to the coordination and coherence of information security activities within the CIUSSS, in-cluding those of partner directorates and the Security Governance Advisor, as appropriate;
• Acts as a participant in the Information Security Committee within the CIUSSS and submits for consul-tation, directions, policies, guidelines, management frameworks, action plans, reviews and reports on events that have or could have jeopardized the organization's information security, as well as any pro-posed actions or project status.
• Ensures that the Information Security system Registry is maintained and implemented, including the names of information holders and the information systems assigned to them;
• Ensures the development and implementation of an integrated information security risk management system, in collaboration with Information Technology and the CIUSSS;
• Ensures the implementation of an information security incident management process in the CIUSSS;
• Contributes to the identification and management of information security requirements when carrying out development projects or acquiring information systems in collaboration with Information Technol-ogy;
• Ensures that service agreements and contracts include provisions to ensure that information security re-quirements are met, based on the government's framework for the development of information security and privacy contractual clauses;
• Ensures the follow-up and implementation of any recommendations deemed relevant as a result of a security audit;
• Ensures the development and implementation of a formal information security training and awareness program for the CIUSSS;
• Contributes to the production and validation of an annual review or, if required, a three-year CIUSSS Information Security Action Plan for transmission to the Chief Information Security Officer (CSIO).
• Reports CIUSSS information security achievements to the Chief Information Security Officer (CSIO) and Director of Information Resources.
• Continuously evaluates all elements of the organization related to information security through audits and compliance audits.
• Accompanies the Chief Information Security Officer (CSIO) in the implementation of internal orienta-tions stemming from Health Ministry directives and those of the DRI (Director of Information Re-sources), as well as internal policies and generally accepted practices in this regard;
• Assists the Chief Information Security Officer (CSIO) in the implementation of strategic orientations, directives and action plans in the area of information security;
• Participates in the drafting of the West-Central Montreal Health information security framework docu-ments, including the information security policy and information management framework;
• Assists the Chief Information Security Officer (CSIO) in the implementation of formal information se-curity management processes;
• Accompanies partner departments in matters of information security and participates in the integration of provisions guaranteeing compliance with information security requirements in service agreements and contracts;
• Assists application owners in the categorization of information under their responsibility, in the identi-fication and evaluation of information risk situations and in the definition of action plans to reduce in-formation security risks to a level acceptable to the organization and the Ministry of Health;
• Identifies and supports information security requirements when carrying out development projects, ac-quiring information systems, or decommissioning outdated systems;
• Develops and supports the Chief Information Security Officer (CSIO) in the implementation of the in-formation security training and awareness programs;
• Ensures the coordination and implementation of information security projects;
Required Knowledge and Attributes:
• Bachelors in Computer Engineering, Information System Security, Computer Science, Health Care Management or any related feild.
• Masters in IT security (an asset)
• Professional certificate in Certified Information Systems Security Professional (CISSP)
• 2 to 5 years of professional work experience in Information Technology risk management, cybersecuri-ty, compliance to information security management tools such as ISO17799/27002, identity & access policies, information security policies.
• Experience in the implementation of information security and privacy governance programs and pro-cesses.
• Experience in the implementation of audit programs and processes.
• Experience in drafting policies and procedures
• Deep knowledge of information security management concepts: ISO/IEC 27001/2, NIST 800-53, etc.
• Experience in digital data management related to information security and confidentiality.
• Knowledge of Amazon Web Services cloud computing platforms (an asset).
• Ability to interact and liaise with various stakeholder groups within a large organization, including tech-nical, clinical and administrative counterparts, as well as Ministry partners.
• Professional behavior and confidence in a dynamic and rapidly changing healthcare environment
• Bilingual (English, French)
WE OFFER A RANGE OF BENEFITS:
• Group insurance plan
• Pension plan (RREGOP)
• 20 days of vacation after one (1) year of employment
• 13 statutory vacations
• 9.6 sick days that can be redeemed for cash once a year
• Employee discount program
• Several restaurants, stores, banks nearby
• Easily accessible by public transit
-March 24, 2021