Senior Cybersecurity Specialist

Focused Education Resources (Focused Education) is hiring a Senior Cybersecurity Specialist to join their growing technology team and has retained Chemistry Consulting Group to assist with the search!  Currently Focused Education members consist of all 60 BC school districts, more than 100 independent and First Nations schools, and the Northwest Territories and the Yukon Departments of Education.

Under the direction of the Director of Technology Services, the primary role of the Senior Cybersecurity Specialist will be to provide subject matter expertise in cybersecurity and data governance to members of the K-12 school district community, to ensure the successful execution of the Focused Education Resources Cybersecurity Services program. This is an exciting opportunity to engage in meaningful work that directly supports public education in British Columbia.

The Senior Cybersecurity Specialist is responsible for advising, coaching, planning, and implementing cybersecurity initiatives in support of school districts to assist them in protecting their technologies and data. In addition, the Senior Cybersecurity Specialist is accountable for engaging with and providing leadership to various stakeholders to promote continuous improvement and understanding of cybersecurity risks and best practices.

RESPONSIBILITIES

• The Senior Cybersecurity Specialist is responsible for advising, planning, documenting, and implementing cybersecurity initiatives in support of school districts to assist them in protecting their technologies and data.
• The Senior Cybersecurity Specialist is accountable for engaging with and providing leadership to various stakeholders to promote continuous improvement and understanding of cybersecurity risks and best practices.
• The role will provide technical advice and cybersecurity risk management to support school district cybersecurity goals.

 Technical Leadership  

• Advise, develop, and apply industry best practices in cybersecurity for our members, the BC K-12 school districts.
• Champion strategies to protect school district data, communications, and technologies, from being stolen, manipulated, held at ransom, corrupted, or otherwise accessed illegally.
• Assist with the planning and execution of Focused Education’s IT4K12 annual conference and support the cybersecurity content evaluation.

Planning & Execution 

• Perform cybersecurity assessments to test and identify network and system vulnerabilities.
• Facilitate technical and operational audits and reviews of key internal control procedures.
• Document relevant business processes and their implications with regards to cybersecurity.
• Issue written reports outlining findings and recommendations based on audit results.
• Assist with the automation of monitoring and alerting processes and workflows to improve cybersecurity efficiency.
• Assess compliance with organizational cybersecurity rules and standards.
• Advise on remediation of gaps based on internal and external audits.

Incident Response      

• Advise on school district incident response plans.

Investigations

• Provide investigative oversight and support to school district technology leaders.

Training and Support

• Advise on cybersecurity awareness and training campaigns.
• Develop documentation and instructions for cybersecurity related procedures.

Project Management

• Plan and coordinate cybersecurity related projects.
• Provide time estimates for proposed cybersecurity related enhancements.

Technical Leadership  

• Lead technical direction and define cybersecurity requirements for cybersecurity related projects (‘Security by Design’).
• Continuously advise, maintain, and apply industry best practices in cybersecurity and data governance.
• Champion strategies to protect school district data, communications, and technologies, from being stolen, manipulated, held at ransom, corrupted, or otherwise accessed illegally.

Planning & Execution 

• Perform cybersecurity assessments to test and identify network and system vulnerabilities.
• Perform technical and operational audits and reviews of key internal control procedures.
• Document relevant business processes and their implications with regards to cybersecurity.
• Issue written reports outlining findings and recommendations based on audit results.
• Assist with the automation of monitoring and alerting processes and workflows to improve cybersecurity efficiency.
• Assess compliance with organizational cybersecurity rules and standards.
• Prioritize remediation of gaps based on internal and external audits.
• Coordinate security testing activities with staff, internal departments, and external partners.

Breach Response

• Advise on school district incident response plans and disaster recovery procedures.
• Support incident response to system and/or network security breaches.

Investigations

• Provide forensic support to school districts.

Change Management

• Participate in the change management process.
• Evaluate the impact of change on students, staff, parents, and partners, as part of the cybersecurity risk mitigation process.

Training and Support

• Advise on cybersecurity awareness and training campaigns.
• Develop documentation and instructions for cybersecurity related procedures.
• Conduct cybersecurity-related training for staff.

 Project Management

• Plan and coordinate cybersecurity related projects.
• Provide estimates for proposed cybersecurity related enhancements.

REQUIRED SKILLS

• Minimum requirements include:
  • Sc. in computer science or related discipline
  • Advanced certification/s such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), etc.
  • Four to six years cybersecurity experience within a technically complex organization
  • An equivalent combination of education and experience may be considered
• Demonstration of initiative and proficiency in the following competencies:
  • Experience leading and overseeing security investigations, audits and assessments
  • Experience with Pen Testing and Hacking techniques
  • Experience with log management platforms (SIEMs)
  • Ability to document, graph or otherwise visually represent security concepts, configurations, and workflows
  • Analytical with meticulous attention to accuracy and detail.
  • Strong understanding of Windows and Linux operating systems
  • Strong understanding of the TCP/IP stack
  • Strong understanding of cloud platforms and how they integrate into security models.
  • Excellent organizational, administrative, interpersonal, and communication skills (verbal, written and presentation).
  • A high level of professionalism and customer service, and the ability to collaborate and work effectively with all stakeholders
  • Ability to maintain strict confidentiality, exercise initiative, diplomacy, and discretionary judgment
  • Demonstrated ability to compose written material in a variety of formats
  • Ability to work under pressure and manage competing priorities and demands.

WORKING CONDITIONS

• Vancouver office - based 
• Hybrid work model - required time working in - office on average 2 days per week, but is negotiable depending on location
• Attendance at meetings or organization events  
• 15% to 20% inter-provincial travel 

WE OFFER

• A collaborative and support team environment
• Highly competitive total compensation package
• Flexible schedule
• Extended health, medical and dental benefits
• Municipal Pension Plan

Diversity, equity and inclusion is a core value of Focused Education Resources, one that is strongly supported and demonstrated throughout the organization. All qualified applicants will be given fair and equal consideration regardless of ethnicity, race, sexual orientation, gender identity and expression, culture, disability, nation of origin, age, or religion.

To apply to this position, please respond by email, citing Focused Education – Senior Cybersecurity Specialist in the subject line.  Please submit a cover letter, and resume detailing your experience and qualifications, as well as outlining why you are interested in this position.

We would like to thank all applicants, however only those selected for an interview will be contacted. No phone calls please.