IT Infrastructure Services 2 - Governance, Risk & Compliance
Your Opportunity:
Security Analyst – Governance, Risk & Compliance (GRC) provides Tier-2 operational support within the Information Risk Management team, focusing on cybersecurity governance, risk, and compliance activities. This role helps respond to General Service Requests (GSRs) and security incidents, ensuring accurate documentation and appropriate follow-up. Key responsibilities include tracking and organizing security-related tickets, assisting with compliance reporting, and supporting security policy exception processes by logging requests, gathering details, and ensuring follow-ups. The analyst contributes to third-party security reviews by helping collect and review vendor security information, identifying security-related documentation gaps, and supporting internal teams with compliance questions. This role also involves participating in audit and compliance support efforts, ensuring that security controls align with NIST Cybersecurity Framework (CSF) principles. The analyst will assist in process improvements, governance documentation updates, and stakeholder collaboration efforts while developing foundational cybersecurity knowledge.
Description:
GRC Daily Operations: Assist in responding to General Service Requests (GSRs) and security incidents by documenting and tracking issues. Support the team in reviewing and distributing security-related tickets. Help categorize and escalate security incidents following NIST CSF guidelines. Maintain records of security-related activities, ensuring accuracy for reporting purposes. Compliance & Risk Support: Assist in processing security policy exceptions, ensuring requests are documented and compliance follow-ups occur. Support third-party security reviews by collecting vendor security information, identifying missing documentation and initiating yearly compliance attestation where required. Help track audit-related security findings and follow up on outstanding tasks as directed. Contribute to compliance-related documentation, ensuring security activities align with NIST CSF requirements. Process Improvement & Governance Documentation: Assist in updating security policies, standards, and guidelines under the direction of senior team members. Support efforts to improve workflows related to security compliance and risk tracking. Help organize and maintain governance documentation, ensuring accessibility and accuracy. Collaboration & Security Awareness Support: Work with internal teams to gather information for security compliance and risk-related tasks. Contribute to security awareness efforts by assisting with basic research and content preparation. Participate in meetings with internal stakeholders to support cybersecurity-related discussions.
- Acute Care Alberta: N
- Primary Care Alberta: N
- Recovery Alberta: N
- Classification: IT Infrastructure Services 2
- Union: Exempt
- Unit and Program: Information Risk Management
- Primary Location: CN Tower
- Location Details: Eligible to work hybrid (on/off site) within Alberta
- Negotiable Location: Provincial
- Employee Class: Regular Full Time
- FTE: 1.00
- Posting End Date: 23-MAY-2025
- Date Available: 09-JUN-2025
- Hours per Shift: 7.75
- Length of Shift in weeks: 2
- Shifts per cycle: 10
- Shift Pattern: Days
- Days Off: Saturday/Sunday
- Minimum Salary: $25.02
- Maximum Salary: $41.71
- Vehicle Requirement: Not Applicable
Degree/Diploma in Information Technology or equivalent education and experience in lieu.
Additional Required Qualifications:
Knowledge and/or experience of industry best practices for IT risk management. Understanding of IT process management and improvement. Understanding of the Healthcare IT sector.
Preferred Qualifications:
Knowledge and/or experience of industry best practices for IT risk management. Understanding of IT process management and improvement. Understanding of the Healthcare IT sector.
Please note:
All postings close at 23:59 MT of the posting end date indicated.
Security Screening:
A satisfactory criminal record check and/or Vulnerable Sector Search is required prior to your first day of work. Additionally, all employees have an ongoing duty to disclose any charges or convictions that may occur during their employment with AHS.
Healthy Albertans. Healthy
Communities. Together.
We’re passionate about what we do. Our team of skilled and dedicated health care professionals, support staff, and physicians promote wellness and provide health care every day, all across Alberta.
Everything we do at AHS reflects a patient and family centred approach; it’s about putting patients’ and families’ experiences, priorities and trust first.
We are an equal opportunity employer. AHS values the diversity of the people and communities we serve and is committed to attracting, engaging and developing a diverse and inclusive workforce.
