Director, Information Security & Cyber Security (brocku)

Job Description

This position is part of the

Brock University is one of Canada’s leading comprehensive universities, a Top Employer in Hamilton-Niagara, ranked #3 as Canada’s Best Employers and ranked top 10 as one of Canada’s Best Employers for Diversity compiled by Forbes and Statista. We are an inclusive, welcoming community that offers a wide range of unique career opportunities for those with passion, energy and expertise.

We are looking for team members who want to help us continue to deliver an exceptional student experience, perform impact-driven research and generate life-changing breakthroughs for our world. Ignite new possibilities for your career. Break through at Brock.

Post End Date:

Note to all candidates: This posting will close at 12:01 am on the date listed .

A Day in the Life… 
Reporting to the Associate Vice-President and Head of Information Technology Services, the Director, Information Security and Cyber Security is responsible for strategic planning and ensuring operational excellence in all activities related to Information and Cyber Security. The Director is responsible for the thought leadership, operationalization and ongoing management of comprehensive information and cyber security practices at Brock University and is accountable for leading technical teams responsible for Security Incident Response, Vulnerability and Threat Management, and Enterprise Security controls, including Data Loss Prevention, Anti-Malware, Behavior Analytics, and Cloud Access Security Broker (CASB).

As the Director, Information Security and Cyber Security, you will: 

• Develop, implement and maintain the information and cyber security roadmap ensuring compliance with audit and risk management programs;
• Oversee, manage, optimize, develop processes, procedures and controls to ensure ongoing strengthening of security posture across the surface area (i.e., infrastructure, end-point, asset, IAM etc.);
• Develop and implement hardening procedures for infrastructure and user devices to ensure data protection;
• Establish regular reporting on security posture, threats and compliance for distribution to identified partners within governance model;
• Be responsible for developing policies, budgets, guidelines, procedures and ensure long- and short- term planning aligns with the University’s mission and strategic mandates;
• Measure and report on the effectiveness of security controls and IT infrastructure key performance indicators;
• Lead the evaluation, communication and remediation of security findings, establish risk mitigation, controls and remediation in alignment with required frameworks, standards and guidelines;
• Investigate ITS security incidents and drive forensics analysis with all parties (internal and external) and escalate risks to leadership;
• Manage and develop the information security programs by implementing best practices throughout the various technologies across Brock University to identify and reduce risk;
• Develop, implement and monitor compliance of training, awareness and educations plans for all partners (students, faculty, staff, etc.);
• Be responsible for budget management and financial reporting ensuring the efficient and effective delivery of operational plans and services;
• Lead the team responsible for vulnerability management of the information security attack surface (infrastructure, cloud, application, vendors, end-points, assets, etc.);
• Provide leadership to team including staff training and development needs;
• Ensure principles of equity, diversity and inclusion are upheld across the team.

Please note this position requires availability for on-call support outside of regular business hours. 

What you need to Succeed…

• Bachelor’s Degree in Computer Science, or equivalent combination of education and related experience;
• Certified Information Systems Security Professional (CISSP);
• A minimum of 10 years of information technology experience preferably in infrastructure or solution architecture;
• A minimum of 7 years of demonstrated experience in IT system security, Identity access management (IAM), monitoring/network security administration, security/hardening controls, risk evaluation and risk mitigation strategies within a mid- large size enterprise organization;
• Demonstrated management skills, e.g., budget development and administration, policy development and implementation, personnel administration, and staff training and development;
• In-depth knowledge of system security frameworks (NIST, CIS, CSA) and other governing/regulatory requirements (SOX, CCPA, PCI, etc.);
• Thorough understanding of industry best practices, policies, compliance and regulations;
• Previous experience using a SIEM to analyze and correlate activity;
• In-depth knowledge of current and emerging infrastructure technologies, specifically firewalls, vulnerability scanners, centralized logging and intrusion prevention/detection systems, with the ability to integrate new components into existing infrastructure;
• Excellent listening, verbal, and written communication skills with a proven ability to communicate with tact and diplomacy;
• Proven ability to build and maintain professional relationships, consult and collaborate with internal and external partner groups and individuals;
View Orignal JOB on: italents.net
• Strong analytical and critical thinking skills relevant to development of policy, project planning, scheduling, and reporting; and
• Ability to effectively manage time and set priorities working with multiple staff, partners, tasks, projects, and deadlines.

Preferred or Asset Skills… 

• Experience with PCI-DSS compliance;
• ITIL and/or project management experience;
• Experience with Microsoft System Centre Suite; and
• Experience in an education or government organization.

Salary and Benefit Information

• Job Grade Q, Salary Scale ($103,110-$176,760)*;
• This position includes full comprehensive benefits including tuition waiver. 

*The salary range indicated is representative of all positions evaluated at this level. Actual salary is determined by assessing related skills, experience, internal equity and market competitiveness, subject to available budget.  

Applicants are required to upload a resume and cover letter as part of the application process.

Brock University is actively committed to diversity and the principles of Employment Equity and invites applications from all qualified candidates. Women, Aboriginal peoples including those who identify as members of First Nations, Inuit and Métis Peoples, members of visible minorities and racialized groups, people with disabilities, and lesbian, gay, bisexual, transgender, and queer (LGBTQ) persons are encouraged to apply. We will accommodate the needs of the applicants and the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act (AODA) throughout all stages of the selection process, as outlined in the Employment Accommodation Policy https://brocku.ca/policies/wp-content/uploads/sites/94/Employment-Accommodation-Policy.pdf. Please advise: talent@brocku.ca  to ensure your accessibility needs are accommodated through this process. Information received relating to accommodation measures will be addressed confidentially.

It is Brock University’s policy to give consideration to qualified internal applicants.

We appreciate all applications received; however, only candidates selected for an interview will be contacted.  

Learn more about Brock University by visiting www.brocku.ca