Information Security Consultant
We are seeking for the Information Security Consultant for The Interventional Cath Labs / Radiology Project at SMH is a Ministry of Health (MOH) priority initiative aimed at improving diagnostic and interventional capabilities. This project will implement new systems and technologies within DPPE (Digital Patient and Provider Experience) to support clinical operations. A security consultant is required to conduct Security Threat and Risk Assessments (STRAs) to ensure compliance and mitigate potential risks ahead of the project's go-live date.
Key Responsibilities:
- Conduct STRAs: Perform Security Threat and Risk Assessments for net-new and addendum requests related to DPPE systems and technologies within the scope of the Interventional Cath Labs / Radiology Project.
- Vulnerability Identification: Identify security vulnerabilities within systems and provide actionable mitigation strategies to enhance security.
- Collaboration: Work with internal security teams, clinical staff, IT departments, and external vendors to ensure alignment with security policies, technical requirements, and regulatory standards.
- Documentation & Reporting: Create comprehensive documentation of findings from STRAs and deliver detailed reports to facilitate risk-informed decision-making, highlighting risks, vulnerabilities, and mitigation strategies.
- Ongoing Support: Address security concerns throughout the implementation phase, contributing to ensuring systems are security-ready for the clinical go-live date.
- Stakeholder Coordination: Effectively coordinate with various stakeholders, including clinical teams, IT staff, security personnel, and external vendors to manage security risks.
Mandatory Skills & Qualifications:
- Proven Experience in STRAs: Extensive experience conducting Security Threat and Risk Assessments (STRAs) in healthcare environments, with a focus on BC's health sector and Ministry of Health security policies and frameworks.
- Healthcare IT & Medical Systems Expertise: Deep understanding of clinical and diagnostic systems, particularly in Interventional Cath Labs and Radiology. Experience in assessing security risks in integrated hospital environments, including Electronic Health Record (EHR) systems.
- Regulatory & Compliance Knowledge: In-depth knowledge of BC privacy legislation (e.g., FIPPA), healthcare security compliance requirements, and security best practices for medical device connectivity and data protection.
- Technical & Risk Management Expertise: Strong technical knowledge in network security, application security, and third-party risk management. Proven ability to analyze system architectures, data flows, and security controls to ensure comprehensive security postures.
- Security Framework Knowledge: Familiarity with leading security frameworks such as NIST, ISO 27001, or HITRUST for effective risk assessment and mitigation.
- Demonstrated ability to work within tight project timelines, with experience adapting to evolving requirements. Ability to collaborate effectively with various stakeholders to ensure project success.
- Communication & Documentation Skills: Exceptional written and verbal communication skills, with the ability to document findings and present complex risk assessments and mitigation strategies in a clear, actionable manner to both technical and non-technical audiences.
- Security Risk Mitigation in Healthcare: Experience in handling complex security issues and mitigating risks effectively in regulated, high-stakes healthcare environments.
Preferred Qualifications:
- Experience in Healthcare Sector: Hands-on experience with hospital information systems, clinical software, and medical device integration.
- Security Best Practices for Medical Devices: Knowledge of security practices related to medical device connectivity and managing medical device security risks.
About Techiosoft:
Techiosoft is a global leader in next-generation technology, consulting, and business process services. We help clients navigate their digital transformation journeys, delivering innovative IT solutions tailored to healthcare, government, and enterprise sectors. With a client-first approach, a strong culture of innovation, and a team of highly skilled professionals, we are committed to delivering excellence and impact in IT infrastructure projects worldwide.
Join us and be a part of cutting-edge IT solutions that shape the future of healthcare technology!
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
