Manager, Information Security
- Tracking Code
- Job Description
IT Services is the central IT division of Durham College which provides shared IT services to both Durham College and Ontario Tech University. Three separate departments within IT Services are responsible for respectively providing (i) the IT infrastructure, (ii) the enterprise applications, including the ERP system (Banner), and (iii) IT user support services such as the service desk, level 2 technical support, etc. A director leads each of these departments.
Based in the Office of the AVP, Information Technology, the Manager, Information Security is responsible for the development of a comprehensive information security program according to best practice, and the unfolding thereof. The manager ensures overall information security of the College’s and University’s technology systems, processes and practices together with the IT management team and other relevant stakeholders. The incumbent will work across IT Services and departments in the college and university to lead and facilitate information security improvements. In addition, will provide information security advice to the college and university and enhance existing security policies. The incumbent will coordinate regular information security vulnerability assessments and contribute to the design and implementation of information security monitoring and reporting solutions. The manager ensures the deployment of systems and applications in a secure manner. This position will also play a key role in PCI compliance and disaster recovery at IT Services. The incumbent is responsible for identifying emerging or existing information security threats and plays a key role to position the two institutions to effectively deal with those threats. The manager oversees the information security awareness program and assists in giving security updates to executives, managers, staff and faculty.
The incumbent is responsible for maintaining an information security risk register and is responsible for third-party and cloud vendor risk assessment. The manager will also lead the information security incident response efforts and prepare the related reports. The incumbent will deal with information of a highly sensitive and confidential nature on an ongoing basis. In addition, this position works closely with the IT management team to ensure a secure information technology environment.
The successful candidate will hold a four year degree in Computer Science, Information Technology, or a related field. A CISM or a CISA certification is required. An ITIL and CISSP certification are an asset. In addition, the incumbent will have a minimum of nine years’ relevant experience in an enterprise IT environment along with five years’ experience in driving information security in an enterprise environment. The successful candidate will have five years’ experience working in an enterprise environment with a service desk, ICT infrastructure, enterprise systems, etc. In addition, three years’ project management experience and two years’ experience managing external vendors is required, along with prior experience in a similar role in information security management and/or related functions (e.g. IT audit). The successful candidate will also have five years’ of people management experience.
The successful candidate will have, through experience and training, a set of specialized knowledge in information security. The skills would include knowledge of IT infrastructure security, application security, endpoint security, data encryption, business continuity, vulnerability testing, forensic analysis, cloud architectures, PCI compliance. The incumbent will have the ability to engage effectively with clients at all levels of the organization. In addition, the successful candidate will have excellent leadership, written and verbal communication and interpersonal skills. The incumbent will have a broad knowledge of servers and operating systems, advanced administration practices, enterprise services such as e-mail and directory services; ERP systems, cloud hosting and relevant ITIL processes. Lastly, the incumbent will have a good knowledge of networks and Wi-Fi, an understanding and experience with RFP and other processes for acquiring technology, and the project management skills to manage multiple projects at a time.
- Required Skills
$89,101 - $118,802
- Required Experience
To apply for this position in confidence, please submit your cover letter and resume to the online portal. Applications will be accepted until 4:00 pm on August 24, 2020. Competition number is AD20-08.
- Job Location
- Oshawa, Canada
- Position Type
- 89,101.00 - 118,802.00 CAD