Senior Security Consultant responsible for conducting Security Threat and Risk Assessments (STRAs) for net-new and addendum requests related to DPPE system

S.i. Systems client is looking for a Senior Security Consultant responsible for conducting Security Threat and Risk Assessments (STRAs) for net-new and addendum requests related to DPPE systems and technologies- SOW20250327LS/ April 8th- 1

6 month contract to start.

Must Haves:

• Extensive experience conducting STRAs for healthcare environments, preferably within BC’s health sector.
• Familiarity with Ministry of Health security policies, standards, and risk assessment frameworks.
• Understanding of clinical and diagnostic systems, particularly in Interventional Cath Labs and Radiology.
• Experience assessing security risks in integrated hospital environments and electronic health record (EHR) systems.
• Strong grasp of BC privacy legislation (e.g., FIPPA) and healthcare security compliance requirements.
• Experience with network security, application security, and third-party risk management.

Project Description:

The selected Information Security Consultant will be responsible for conducting Security Threat and Risk Assessments (STRAs) for net-new and addendum requests related to DPPE systems and technologies within the scope of the Interventional Cath Labs / Radiology Project at SMH.

Key responsibilities include:

· Performing STRAs to assess security risks and compliance requirements.

· Identifying vulnerabilities and recommending mitigation strategies.

· Collaborating with internal security, clinical, and IT teams to ensure alignment with security policies and regulatory standards.

· Documenting findings and providing detailed reports to support risk-informed decision-making.

· Supporting the project team in addressing security concerns throughout the implementation timeline.