Company: Digital Research Alliance of Canada
Position Title: Cybersecurity Manager
Location: Remote, anywhere in Canada
Type: Full Time
Salary Range: Interested candidates are asked to supply a statement that details salary expectations for the role.
The Cybersecurity Manager is responsible for leading the delivery of a comprehensive information security strategy to optimize the security posture of the organization. The Manager will support the development and implementation of the security program established by the Director of Information Security that leverages collaborations and organization-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and design of appropriate policies to manage information security risk. The Cybersecurity Manager is a member of the Operations & Security team and reports to the Director, Information Security.
- Lead the establishment of annual and long-range security and compliance goals, security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Work collaboratively with ARC Regions, partner DRI organizations such as TRIUMF, CANARIE NRENs, OCEAN Network Canada, SNOLAB (to only name a few) and institutional Cybersecurity Specialists on Alliance Cybersecurity Program-related tasks including incident response, sharing of technical expertise, developing security processes, and security reports generation.
- Safeguard information system assets by identifying and solving potential and actual security problems.
- Monitor Alliance internal infrastructure, in collaboration with internal IT, Operations Team, and provincial and territorial partner teams when necessary.
- Improving security posture by participating in the implementation of collaborative initiatives with the National Research and Education Network partners.
- At the direction of Human Resources, support ITS activities related to data access reporting, data collection, and securing evidence in disciplinary and legal matters, security breaches, and policy violations.
- Provide technical support within Alliance Cybersecurity Program Initiatives.
- Ensure systems protection by defining access privileges, control structures, and resources.
- Recognize problems by identifying abnormalities, reporting violations.
- Implement security improvements by assessing current situation; evaluating trends; anticipating requirements.
- Determine security violations and inefficiencies by conducting periodic audits.
- Upgrade system by implementing and maintaining security controls.
- Keep users informed by preparing performance reports, communicating system status.
- Provide after-hours cybersecurity support to the Alliance team, as required.
- Maintain technical knowledge by attending educational workshops, reviewing publications.
- Foster the professional development and oversee the work deliverables of the Developer, Cybersecurity Systems Admin., Cybersecurity Data Analyst, and Cybersecurity Business Analyst
- Stay abreast of cybersecurity issues and regulatory changes affecting the Research Community at the Provincial and Federal level, participate in national policy and practice discussions, and communicate with the organization on a regular basis about those topics.
- Perform cross-functional and/or other duties consistent with the job classification, as assigned or requested.
- Knowledge normally associated with a degree in computer science, engineering, information sciences (to only name a few) at the undergraduate level, with significant relevant IT work experience is required.
- Significant IT security management experience, with exposure to Security Operations Center (SOC) environment, demonstrated through a minimum of seven years of work experience.
- Have 2+ years of hands-on experience with one of the risk management standards and frameworks like (ISO 27001, NIST CSF, PCI DSS, etc.).
- Knowledge and experience with information system architecture and security controls (i.e., firewalls, operating systems configurations, databases, information security policies, and procedures).
- Significant experience with IT security strategic planning and personnel management.
- Knowledge of application security best practices, tools and methodologies
- Demonstrated ability to gain trust and credibility from internal and external stakeholders.
- Experience with SIEM operations, Incident Response and Vulnerabilities Assessments and Multi factor authentication solution implementation and support.
- Strong working knowledge of the Microsoft Office suite products.
- Excellent interpersonal and leadership skills with the ability to establish and maintain effective working relationships with the Research Community, Alliance Staff, and external stakeholders.
- Ability to communicate effectively, both orally and in writing is required. Having these skills in both of Canada’s two official languages would be an asset.
- Ability to work with a culturally diverse population.
- Other relevant professional security certifications like CISSP, CISM and COBIT are an asset.
Must have 10 years of verifiable background information to be able to hold/pass:
- Reliability status
- Law enforcement records check (LERC)
- Government of Canada security assessment
BENEFITS / WORK PERKS
In addition to a competitive salary and a rewarding career where you can truly make a difference in the Canadian research community, we offer a comprehensive benefits package that meets the various needs of our diverse team and that spans across Canada, including:
- Comprehensive Benefits Plan, including:
- Long-Term Disability
- Life Insurance
- Flexible Spending Account
- Mental Health Supports
- Defined Benefit Pension Plan
- Paid Vacation
- Remote Work – Flex Hours
Please apply here.
The Alliance recognizes that challenges remain in achieving the full participation of equity-seeking groups (including women, Indigenous Peoples, persons with disabilities, members of visible minority/racialized groups, and members of LGBTQ2+) in research careers and is committed to identifying and eliminating barriers that may exist within its own hiring process, programs, and practices.