Associate Director, IT Security

November 7 2024
Categories Executive, CTO, Security, Continuity, Risk
Victoria, BC • Full time
The Associate Director, IT Security plays a vital role in securing the College's digital assets, including proprietary and sensitive information. The Associate Director, IT Security is responsible for establishing and maintaining an enterprise IT security strategy through strategic initiatives, policy development, architecture design, implementation and management of technology solutions and training programs. Other responsibilities include the selection of appropriate security solutions and managing the budget. The Associate Director, IT Security is responsible for the ongoing operations of security monitoring and remediation, adoption of security best practices and enforcement within the college. The Associate Director, IT Security is responsible for maintaining and testing a robust cybersecurity incident response plan, including technical playbooks, in the event of a significant cyber-related event.

REPORTING RELATIONSHIPS
The Associate Director, IT Security reports to the Chief Information Officer.
Reporting to the Associate Director, IT Security are:
  • 1 FTE - IT Security Analyst - CUPE
  • 1 FTE - IT Senior Network Administrator - CUPE

The Associate Director, IT Security frequently meets and collaborates with senior leadership and workplace leaders across the college. The Associate Director, IT Security, is an integral member of the ITS Management Team and is expected to work in close partnership and cooperation with the Information Technology Services management team. This partnership includes effective priority setting and balancing of resources to meet overall College objectives. Develops and maintains effective, positive relationships with all clients of IT services at the College.

ESSENTIAL JOB FUNCTIONS
Strategy & Planning
  • Is accountable for the security architecture design and the College's IT security strategy, guided by CIS Controls and the Province of B.C.'s Defensible Security Framework and in compliance with other relevant security and privacy requirements (PCI-DSS, FIPPA, etc.).
  • Develop and maintain a cyber security awareness training program, including phishing cyber security workshops and end-user training.
  • Create, maintain and promote the College's security documentation (policies, standards, baselines, guidelines and procedures).
  • Maintains the development and implementation of a cyber security incident response program that ensures that all stages of incident lifecycle management are followed: preparation, detection and analysis, containment and eradication and recovery, and post-incident activity.
  • Leads the IT Security Team and provides clear direction for goals and associated actions.
  • Ensures that Payment Card Industry Data Security Standards (PCI-DSS) compliance is maintained and works closely with the IT Infrastructure team to enforce controls concerning card holder data to reduce credit card fraud.
  • Perform threat-hunting exercises and stay current with relevant threat actors and actor groups to ensure the College understands the current risks and trends in targeted higher education attacks.

Acquisition & Deployment
  • Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and new attack and threat vectors.
  • Accountable for the selection and acquisition of technical security solutions and enhancements to improve overall enterprise security as per the College's existing procurement processes.
  • Manage the deployment, integration and configuration of new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures and the College's security policies and standards.

Operational Management
  • Ensure the confidentiality, integrity and availability of the College's systems, network and data.
  • Ensure the enforcement of security policies, procedures and standards.
  • Leads and coordinates an appropriate level of response to cyber security events, alerts and incidents.
  • Accountable for security-related investigations and communicates frequently with the CIO and ITS management team.
  • Responsible for the design and execution of vulnerability assessments, penetration tests and security audits.
  • Ensures regular cyber security awareness training for all employees is performed to ensure consistently high levels of compliance with security policies, procedures, standards and general security best practices.
  • Perform regular assessments and audits of existing security systems, tools and controls, ensuring that we are maximizing the use and value of our investments.
  • Assist in the development and testing of the ITS Disaster Recovery Plan and where appropriate, assist in the College's Business Continuity Plan.
  • Assist the ITS Management Team, Privacy Officer and functional workplace leaders in providing recommendations related to privacy and the development of Privacy Impact Assessments (PIAs).
  • Engage in ongoing communications to ensure a wide understanding of security goals, to solicit feedback, and to foster cooperation with peers in ITS, the College community, the broader post-secondary institution's community and BCNET as well as the Ministry of Advanced Education, Skills and Training, the Office of the Chief Information Officer for the Province of British Columbia and the Office of the Information & Privacy Commissioner for British Columbia.
  • Establish and maintain regular written and in-person communications with the College's executives, decision-makers, stakeholders, department and program heads, schools and end users regarding pertinent security activities.
  • Manages reporting staff, overseeing and participating in the selection, coaching, mentoring, development, and performance management.
  • Ensure team complies with SLAs (including after-hours escalations), process adherence and process improvements to achieve operational objectives.
  • Researches, demonstrates and presents in public on current ITS cyber security issues and directions for both the College and external audiences.
  • Responsible for maintaining an accurate and current risk register for cyber-related risks and associated remediation plans.
  • Leads large and small projects using project management skills.
  • Attend and participate in Change Advisory Board (CAB) meetings.

OTHER FUNCTIONS AND RESPONSIBILITIES
  • Demonstrates effective leadership while serving on College-wide and provincial task forces and committees on behalf of ITS as required.
  • Promotes the ITS security vision and solicits involvement in achieving higher levels of enterprise security through information sharing and cooperation.
  • Participates in community professional associations.
  • Create and maintain long-term relationships with key stakeholders.
  • Perform third-party security risk assessments on vendor solutions and service providers.
Qualifications
  • A Bachelor's degree in Computer Science, Information Systems, Business Administration, or related discipline along with a minimum of eight years' experience leading an enterprise security strategy; an equivalent combination of education and relevant experience may be considered.
  • Progressive experience in a leadership role and a proven track record of strategic leadership and collaboration.
  • Certification in Project Management and ITIL practices would be beneficial.
  • One or more of the following security-related certifications is required:
    • GIAC Security Essentials Certification
    • GIAC Security Leadership Certification
    • ISACA Certified Information Security Manager
    • Microsoft Certified Systems Engineer: Security
    • (ISC)2 SSCP
    • (ISC)2 CISSP
    • (ISC)2 ISSAP

EXPERIENCE AND ABILITIES
  • Leadership experience in strategic decision-making and leading large, complex projects.
  • Extensive experience in security architecture design and implementation of security technologies.
  • Extensive experience in document creation and maintenance.
  • Experience in designing and implementing employee security awareness training.
  • Experience in developing business continuity and disaster recovery plans.
  • Experience in developing privacy impact assessments.
  • Strong technical knowledge of IP, TCP/IP, and other network administration protocols.
  • Experience in managing and motivating staff.
  • Broad technical knowledge relating to IT and cyber security practices, including OS and 3rd party software patching, firewalls, network configurations, phishing, and software hardening and deployment and imaging systems.
  • Experience in assessing and implementing CIS Controls, NIST and Defensible Security.
  • Experience in cloud infrastructure, networks, operating systems and secure software development lifecycle.
  • Excellent leadership skills, including team building, planning and working through change and conflict resolution.
  • Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.
  • Ability to effectively present ideas and technical concepts to a wide range of College stakeholders.
  • Knowledge of management principles and practices in a service environment.
  • Experience in interpreting the applicability of local and federal laws/regulations to the College's operations.
  • Sound understanding of the Freedom of Information and Protection of Privacy Act (FIPPA) and promotes and supports the application of FIPPA within the College.
  • Able to conduct research and prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations.
Capabilities
As a member of the College community with responsibilities to enable the achievement of College-wide strategic objectives, the Associate Director will demonstrate the core leadership capabilities identified in the College's Capability Framework:

Focus on Students and Their Success (Core)
  • We all have a role to play in promoting and supporting students - directly or indirectly - contributing to their success, education and transition as they build their path to the future.

Cultural Alignment (Core)
  • Inclusion and respect align with Camosun's traditions of lifelong learning and positive, supportive experiences for all. We examine our individual and institutional cultures and, through indigenization, consider other ways of knowing (thinking), being (approaches), doing (acting), and relating.

Fostering and Nurturing Relationships (Core)
  • Fostering and nurturing relationships is at the core of everything we do. Successful workplace relationships take time to develop and include building trust, engagement and collaboration.

Address College Needs (Leadership)
  • In order to address College needs leaders recognize and respond to the complex, diverse and interdependent components. Leaders inspire others to work individually and collaboratively to achieve departmental/divisional, College and sectoral goals.

Enable Self & Others (Leadership)
  • To better serve students and the college to achieve success, leaders enable self and others to take responsibility and to participate in learning and development opportunities.

Create Time and Space (Leadership)
  • To be at our best and achieve organizational goals, we need both time and space. Time and space as a unitary concept promotes opportunities to listen, plan, think, create, innovate and develop relationships.