Information Security Specialist

Teladoc Health
À domicile

Postuler dès maintenant

Détails du poste

Temps plein
Il y a 1 jour

Compétences

Authentification
CISA
TCP
Azure
Systèmes d'exploitation
Informatique
Kubernetes
Chiffrement
CISSP
Microsoft SQL Server
Windows
Sécurité de l'information
CISM
AWS
Réponse aux incidents
Baccalauréat
PostgreSQL
DNS
APIs
Sécurité
ISO 27001
Linux
Apache
TCP/IP
Compétences en communication
NGINX
MySQL
Gestion du temps

Description complète du poste

Teladoc Health is the global virtual care leader, offering comprehensive virtual care solutions spanning virtual care including primary, mental health, expert medical, devices and licensed platform services. Teladoc Health serves the world's leading insurers, employers, and health systems and helps millions of people around the world resolve their healthcare needs with confidence. Serving over 9 million Canadians, Teladoc Health has been in Canada for more than 20 years and operates in 175 countries world-wide.

Summary of Position

Information Security Specialist is a pivotal role within our organization with a focus strengthening our security posture across systems, applications, and cloud environments. This role requires a strong technical background combined with experience in security frameworks and integrations across modern enterprise ecosystems . The person in this role is the champion for the security of Teladoc Health Canada’s technology and data partnering closely with stakeholders and ensuring information and technology policies, requirements and controls are well-planned, developed and executed.

This role reports to Teladoc’s International Business Information Security Officer (based in Barcelona, Spain), as part of Teladoc Health’s global Security team and provides direct functional support to the Teladoc Health Canada Vice President, Product and Technology, who will largely oversee and manage the role’s day-to-day tasks.

Essential Duties and Responsibilities

Champion and execute the overall corporate IT security strategy, roadmap and governance structure, partnering with internal risk/compliance, operational, clinical, technical and business teams as well as external customers and relevant third-party stakeholders.

Understand business processes and information system requirements and the associated information risk in those processes .

Liaise closely with internal Canadian legal/privacy team to ensure adherence and alignment with Canadian privacy, data governance and regulatory requirements, and the business’ contractual commitments.

Work directly with the Canadian commercial team and client base to understand market business and functional requirements and provide compliance, security, and risk assessment support and guidance as required .

Establish and execute formal vendor security assessments, including pre-onboarding due diligence and ongoing monitoring of third-party vendors and sub-processors handling sensitive information.

Implement all information security, including security breaches, business continuity, and regulatory compliance programs including legal requirements, industry regulations, and best practices (e.g., ISO27001, SOC 2 Type II, etc.)

Lead end-to-end SOC 2 Type II and ISO 27001 audit cycles, including gap assessments, evidence collection via GRC tooling ( e.g. Vanta) and act as the primary liaison for external auditors to support certifications.

Develop information security guidelines, procedures, and responsibilities and support the development and implementation of technical and administrative security controls and related training and education.

Oversee technical incident response planning and implementation and participate in incident response, root cause analysis, and remediation activities.

Assess our technology environment and development methodology (SDLC) to identify and mitigate risks and gaps related to information security including potential data breaches.

Design, implement, and maintain security controls across infrastructure, applications, integrations and cloud environments in collaboration with our technology team and third-party vendors including:

Applications and other systems and middleware components, including operating systems, web servers, databases, and DNS services ( e.g. Salesforce, Mulesoft , APIs, etc.)

Network security architecture, including firewalls, segmentation, and secure communication protocols.

Logging and monitoring security needs, including SIEM platforms.

Encryption standards needed for compliance.

Document security configurations, processes, and controls.

Digital certificate lifecycle management, including issuance, renewal, and revocation.

Communicate information security and compliance risks to leadership and other technical and non-technical stakeholders for proper awareness and decision making.

Other duties as assigned.

Supervisory Responsibilities

Qualifications Expected for Position

Bachelor’s degree in computer science or comparable knowledge.

10+ years of relevant technical work experience, with 5+ years of experience in an information security role.

Experience in a highly regulated environment or electronic record systems, health care experience preferred.

CISM, CISA, CISSP, ISO 27001 LA or other relevant information security certifications are strong assets.

Essential effective oral and written communication skills with both technical and non-technical audiences in geographically dispersed locations

Ability to work effectively cross-functionally with technical and non-technical teams

Strong prioritization and time management skills

A deep understanding (with practical experience) of related information security technologies and concepts including access and authentication, network and application, message and transmission security as well vulnerability management best practices.

Proven knowledge of security program frameworks and assessments, ideally SOC 2 and ISO27001

Understanding of cloud security concepts and experience with securing cloud environments both public and private (AWS essential and Azure preferred)

Hands-on experience and familiarity with:

Operating systems (Linux, Windows)

Web servers (e.g., Apache, Nginx)

Databases (e.g., MySQL, PostgreSQL, SQL Server)

Network security principles and architecture (TCP/IP, firewalls, VPNs, segmentation and secure communication protocols)

SIEM tools and its integration

Application, cloud, and SaaS integrations, particularly platforms including Salesforce

Containers and/or Kubernetes

Automation tools

Salary Range

$175,000 to $200,000/year

Position Type

Net New

Work Environment

Office Remote Hybrid (Office & Remote)

Travel : 10%

Travel percentage reflects an estimate and is subject to change dependent on business needs.

Physical Requirements

To perform this job successfully, an individual must be able to perform each essential job duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential job functions . Teladoc Health will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual in line with company policy.

Why Join Teladoc Health?

Impactful, Connected Healthcare: Support millions of Canadians across the country with accessible care within rural regions & provincial health systems, at no cost to patients.

Focus on Quality & Safety: Upholding the highest excellence of clinical quality standards is paramount to Teladoc Health.

Collaborative, Supportive Network: Our diverse community is dedicated to transforming healthcare in Canada. Be a part of a growing team across Canada, that thrives on engagement, learning and growth.

Our Work Truly Matters: Recognized as the world leader in whole-person virtual care, Teladoc Health uses innovative platforms to provide accessible care across the full continuum of care, at every stage in a person’s health journey.

Growth and Innovation: We are growing rapidly - Come grow with us and support our expanding mission to make healthcare more accessible.

Diversity and Inclusion: At Teladoc Health we believe that personal and professional diversity is the key to innovation. We hire based solely on your strengths and qualifications, and the way in which those strengths can directly contribute to your success in your new position.

Teladoc Health Canada, Inc. uses artificial intelligence-assisted tools as part of our recruitment process, including to screen and evaluate candidates. These tools support, but do not replace, human judgment. Our hiring team makes all final decisions.

At Teladoc Health we thrive on difference and individuality. Teladoc Health is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

We are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for any stage of the recruitment process / interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please reach out to us at [email protected]

Postuler dès maintenant

Outils pour les chercheurs d'emploi

Outils Employeurs

Parcourir

Garder le contact