Cybersecurity Specialist - Full Time - Markham Stouffville Hospital

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Business Administration, or a related field.
• Minimum 7 years of experience in network and information technology environments.
• Minimum 3 years of experience supporting cybersecurity programs, security risk assessments, and compliance initiatives within a large, complex organization.
• Experience working with cybersecurity governance frameworks such as NIST.
• Experience with Identity and Access Management (IAM), Privileged Access Management (PAM), Microsoft security technologies, SIEM platforms, vulnerability management, and incident response processes.
• Experience leading cybersecurity projects and initiatives.
• Strong understanding of cybersecurity principles, risk management practices, and security controls.
• Knowledge of network protocols, Windows operating systems, and Active Directory environments.
• Familiarity with healthcare privacy and security legislation, including PHIPA and FIPPA.
• Excellent analytical, problem-solving, communication, and stakeholder engagement skills.
• Demonstrated ability to build relationships, influence decision-making, and provide consultative support across diverse teams.
• Strong customer service orientation and commitment to continuous learning.

Nice To Haves

• Professional cybersecurity certification preferred, such as: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or equivalent cybersecurity certification.

Responsibilities

• Lead and support the end-to-end implementation of cybersecurity and information security solutions, including planning, requirements gathering, stakeholder engagement, configuration, testing, deployment, and transition to operational support.
• Manage the full lifecycle of cybersecurity initiatives, including policy and procedure development, change management, user adoption, training, and post-implementation optimization.
• Support the development, implementation, and ongoing maintenance of cybersecurity policies, standards, and procedures aligned with industry best practices and regulatory requirements.
• Conduct cybersecurity risk assessments, vulnerability reviews, and compliance audits, identifying opportunities to strengthen the organization's security posture.
• Monitor emerging threats, vulnerabilities, and industry trends, recommending security enhancements and mitigation strategies.
• Provide cybersecurity guidance and requirements throughout the lifecycle of digital health and technology projects.
• Coordinate vulnerability assessments, penetration testing activities, and remediation efforts.
• Support incident response activities, investigations, threat analysis, and documentation requirements.
• Develop and deliver cybersecurity education, awareness programs, and phishing simulations to promote a security-conscious culture.
• Prepare security and compliance reporting, including key risk and performance indicators, for leadership and stakeholders.
• Collaborate with internal teams, external partners, and vendors to ensure security controls, compliance requirements, and security best practices are effectively implemented and maintained.