Listing Description
Our Mission
At Inkblot Labs, we believe in helping Canadians get the health care they need, when and where they need it.
We create apps and services that make it easier, more accessible and more affordable for Canadians to get the care they need. We believe in the power of technology to let you live a healthier, happier and more meaningful life. And with this passion, we’re making practical solutions to everyday problems..
Interested in building high-impact health products? You’ll fit right in.
Life at Inkblot Labs
We are founders, entrepreneurs, designers, and technologists coming together to build, launch, and scale products and companies solving painful problems in the Canadian health space. We love solving big challenges and are focused on providing Canadians with better access to the care they need.
About the opportunity
We are looking for someone to develop and implement technological controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect assets.
What you'll be doingPerform all tasks necessary to ensure the protection of information systems assets from intentional or inadvertent access or destruction. Analyze security needs based on the sensitivity or proprietary nature of the data, and ensure all systems are utilized for management-approved purposes onlyProvide information security governance expertise and guide the administration of security tools that control and monitor information security, including:Update access control tablesSet up user logon IDs and assigning/resetting passwordsDesign computer system access reports to identify possible security violationsAssist in developing and maintaining effective business continuity plans, processes, and procedures necessary to recover business services in the event of a declared disaster, providing direction and in-house consulting in these areasProvide working knowledge of the day-to-day operating environment, available tools, operating techniques, and customer applications.Train information owners and officers in the implementation of necessary computer security controls or new upgraded security software and devices. Assist with development and implementation of information security educational programs, conducting awareness seminars and workshops as appropriateContributes to the maintenance of technical reference library; assists with development of technical information materials and workshops on these new areas for IT as appropriateCoordinates efforts with various project teams ensuring control techniques are incorporated into the overall security model regarding operating systems, applications, database management and network management.Generates information security governance reports, performs testing of security modifications.Contributes to the development and maintenance of regular reporting and metricsContributes to the development and maintenance of KPIs, KRIs, and SLAsAssist in the coordination and completion of security documentation (build documentation, and end-user job aides/training)Represent IT Security as a subject matter expert for security requirements and controlsDefine and recommend/implement security requirements, controls, policies, processes/procedures, and best practices to meet and facilitate various business requirements and enforce compliance Develop and manage implementation plans for Security projects, applications, and operations.As a project lead or stakeholder assist with the resolution of complex technical problems that will have an impact on project deliverables or integration engagements.Keep abreast of security trends, emerging cyber security threats, security tools, best practices, and applicable compliance regulations. Participate in the selection of security tools and/or partners that will improve security posture.Assist in the development of business cases, and detail requirements for security-related technologies. Work with vendors to provide security guidelines and ensure security and privacy standards are met.Lead or assist with simulated events to evaluate and improve security preparedness and response plan. Participate and assist in incident response and forensics activities.Foster and Promote security awareness and security culture among all levels of stakeholders in day-to-day projects and operations.Assist with the creation and delivery of cybersecurity awareness training. Assist with internal and 3rd party security audits.Assist with RFP/RFI response assessments, Acquisition analysis and risk assessments, and 3rd party provider analysis and risk assessmentsMaintain an information security risk register and track remediation efforts. Provides coverage for off-business hours and weekends.
Skills and Experience NeededTechnical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized information security governance expert and to lead teamsIT Security designations (CISSP, SANS GIAC, CCSP/CCSK, CRISC, CISA, CDPSE) considered an asset.Experience with Data Protection Programs and Data Loss Prevention technical solutions (Microsoft, Zscaler, Proofpoint, etc.)Experience in analyzing business problems, defining conceptual and detailed security requirements for enterprise applications and information technology.Knowledge of cryptography (PKI, digital signatures, SSL/TLS).Experience with NIST Cybersecurity Framework, CIS Top 20 Critical Controls and Benchmarks, and ISO 27001/27002 would be considered an asset.Knowledge of MITRE ATT&CK frameworkKnowledge of security controls and measures to take within a Cloud Native environment.Familiarity with Cloud Security and experience in infrastructure, data protection, identity, or auditing security (Azure, AWS, GCP).Extensive theoretical and technical knowledge of Endpoint/Server security, Application defense strategies, Application-level security, Storage and Network configuration security, Identity, and Authentication strategies, and technologies would be considered an asset.Clear and effective written and oral communication skills and the ability to communicate to all levels of internal and external customers including Auditors.Proven analytical abilities, problem-solving skills, and able to work at an abstract level.Experience with security tools; Identity Lifecycle Management, authentication technologies, and network monitoring would be considered an asset.Ability to effectively adapt to and apply rapidly changing technology to business needsStrong knowledge and understanding of business needs, with the ability to establish and maintain a high level of customer trust and confidenceStrong analytical and problem-solving skillsStrong customer focus and ability to manage client expectationsSolid oral and written communications skills; ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understandingSolid project management skills, especially in a cross-functional environmentStrong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people
Our Commitment to Your Health:
We pride ourselves on offering flexible and comprehensive benefits for you and your dependents, covering medical, dental, mental health and more. At Inkblot, we also understand that life happens. When it does, we offer flexible work hours for the times when you need to put your health, family, or well-being first.
Culture Matters:
We believe the best workplace cultures are where every voice is valued and every person feels comfortable bringing their authentic selves to work. Diversity and inclusion are ingrained in our DNA.
Inkblot Technologies Inc. is an equal opportunity employer. Whatever you need to be successful, we will support you. If you need accommodation during the recruitment process or a few questions answered, please let us know at people@inkblottherapy.com
Listing Details
-
Citizenship:
Not Provided
-
Incentives:
Not Provided
-
Education:
Not Provided
-
Travel:
Not Provided
-
Telework:
Not Provided