Revera is a leading owner, operator and investor in the senior living sector. We offer seniors’ apartments, independent living, assisted living, memory care and long term care. We understand how to create the best experience for people living in a Revera home. We believe everyone should have the opportunity to live a life of purpose, and we create environments that make that possible.
Our mission is to celebrate the human spirit in every way possible – and that applies to both our residents and our employees. There’s a lot that goes into being a member of our team – and there’s a lot that you’ll get out of the experience too. We go the extra mile to ensure that each member of our staff feels safe, secure, enriched and empowered in their role. So that everyone under our roof is given the opportunity to thrive, grow and make the most of every day.
Vaccines are a proven, safe and powerful weapon in our battle against COVID-19. Now that vaccines are widely available and recognizing that many of our staff are already vaccinated, vaccination will be a condition of employment for new hires, except when impossible due to legitimate, established exceptions. The vaccine must be a two-dose COVID-19 vaccination series approved by Health Canada. This is one more important step to protect both our residents and staff as we continue to battle this deadly virus.
Reporting to the Director, IT Security and Risk Management, the IT Security Analyst is a critical role that is continuously assessing and mitigating cybersecurity risk on behalf of the organization. The IT Security Analyst is responsible for assisting in the developing, maintaining, enforcing and improving IT security controls, organizational awareness and security compliance.
- Operational IT security risks are understood and actioned in a timely manner;
- Key IT stakeholders are informed about imminent cybersecurity threats;
- IT Security support actions meet service level requirements. Survey responses are satisfactory; and
- IT Security audit and assessment remediation actions are completed as planned.
- Support the Director, IT Security and Risk management in the implementation of the IT security program;
- Research, recommend and assist in the development of new security tools;
- Continuously assess security controls, balancing risk against user experience;
- Monitor public sources for the latest IT risks, threats and vulnerabilities;
- Actively monitor and analyze security events, alerts, and security dashboards;
- Co-ordinate and report on security incident response and investigations;
- Analyze security incidents and breaches to determine their root cause;
- Perform and/or co-ordinate internal/external security audits or risk assessments;
- Respond to and co-ordinate action items resulting from audit activities;
- Perform evaluations or verification testing on existing or new security controls;
- Participate in the implementation of new or updated security solutions;
- Analyze change requests & project requests requiring a security assessment;
- Act as a subject matter expert (SME) on information security best practices;
- Review, update, and create security policies, procedures and forms;
- Develop and co-ordinate the Employee Security Awareness program;
- Develop and co-ordinate the Employee Simulated Phishing attacks;
- Conduct vendor and partner risk assessments;
- Liaise with managed outsourced vendors that provide information security functions for compliance with contracted service-level agreements;
- Responds to security related support tickets in a timely manner;
- Uphold and promote the organization’s values and philosophy relating particularly to ethics, morality, and integrity as set out in Revera’s Code of Conduct; and
- Complete all other duties as assigned.
Required Education, Credentials and Experience:
- Degree in Computer Science, Software Engineering, 2-year Information Security program or an equivalent combination of relevant education and experience;
- Security certifications including SSCP, GSEC, GCIH, GCIA, CEH, CompTIA Security+, and OSCP are all considered assets;
- 1-2 years of employment in an IT security related position where cyber threat hunting and mitigation is a core activity;
- Must have working experience with Active Directory, Azure Active Directory, Office 365 security, and PowerShell;
- Must have working experience with Microsoft cloud security tools including MCAS, Defender for O365, Conditional Access, Azure Identity Protection, DLP and MFA;
- Foundational understanding of networking, hybrid cloud infrastructure and endpoint technologies including Firewalls, IDS/IPS, VPN, TCP/IP, DNS, MDM, and EDR;
- Familiar with industry security and audit frameworks and methodologies including NIST, Zero Trust and Sarbanes–Oxley Act (SOX);
- Familiar with healthcare related privacy standards HIPPA, PIPEDA, Canadian federal and provincial privacy acts;
- Intermediate to expert experience with Microsoft Excel;
- Able to work independently and in a team setting;
- Strong sense of curiosity, naturally suspicious and risk-based thinker;
- Very organized, methodical thinker who pays attention to detail;
- Ability to speak and communicate effectively with peers and management;
- Ability to write clear and concise documentation in English; and
- Ability to deal with high priority incidents and critical security breach situations.
Revera is committed to ensuring that all employment practices are inclusive. As an organization we are committed to providing and arranging accommodation for candidates upon request.
Please Note: If you are a current employee of Revera and have Employee Self Service (ESS) on Workday, please apply to this job via the Workday application.