SCOPE

Reporting to the Associate Director, Cyber Security Operations, the incumbent manages the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of information security. Responsible for the physical protection of assets, information technology access control systems and information protection which includes network security architecture, network access and monitoring policies.

QUALIFICATIONS

• Bachelor’s degree in computer science with four to seven relevant years of experience.
• Knowledge of Window/Macintosh/Unix/Linux system administration in a networked environment.
• Knowledge of network technologies.
• Must have an absolute discretion about IT security incidents
• Must have good analytical and problem-solving skills. Committed to working in a structured environment where teamwork is essential.
• Must be able to work under pressure while maintaining harmonious relations with co-workers.
• Good knowledge (Level 4) of spoken and written English and French
• Able to work with various investigation bodies.
• Certified Security Professional certified (SSCP, CISSP, GIAC or other recognized security certification) an asset.
• Knowledge of international security standards and best practices (ISO27001, FISMA) an asset.
• Knowledge of Quebec (« Loi sur la protection des renseignements personnels ») and Canadian law (Privacy Act, PIPEDA) an asset
  Apply using the following link:
  https://career17.sapsf.com/sfcareer/jobreqcareer?jobId=1664&company=universitc
  Job Type: Full-time
  Pay: $102,236.59-$122,130.85 per year

Benefits:

• Company pension
• Dental care
• Disability insurance
• Employee assistance program
• Extended health care
• Life insurance
• On-site gym
• Paid time off
• Tuition reimbursement
• Vision care
• Work from home

Work Location: Hybrid remote in Montréal, QC H3H 2T

• Perform IT security audit and lead vulnerability assessment, monitor audit corrective action plan.
• Monitor external technology security risks (e.g. virus vulnerabilities) and review technology trends.
• Develop a set of information security policies.
• Build and maintain an information security awareness program.
• Setup a security incident response team and review on procedures on an ongoing basis.
• Provide security monitoring procedures and ensure IT staff monitor systems on a regular basis.
• Participate in solution architecture review and ensure security requirements are met.
• Define IT security standards.
• Monitor IT security risks and produce reports (e.g. risk report, monthly dashboards).
• Participate in the implementation of an IT disaster recovery plan (DRP). Participate in the DRP annual tests.
• Identify objectives and metrics consistent with the strategic plan.
• Work with outside consultants when required for independent security audits.