Systems and Security Technical Lead

at  University of Toronto

Date Posted: 01/30/2025
Req ID:41494
Faculty/Division: Faculty of Arts & Science
Department: Citizen Lab
Campus: St. George (Downtown Toronto)

ABOUT US:

The Faculty of Arts & Science is the heart of Canada’s leading university and one of the most comprehensive and diverse academic divisions in the world. The strength of Arts & Science derives from our combined teaching and research excellence in the humanities, sciences and social sciences across 29 departments, seven colleges and 46 interdisciplinary centres, institutes and programs.
We can only realize our mission with the dedication and excellence of engaged staff and faculty. The diversity of opportunities and perspectives within the Faculty reflect the local and global landscape and the need for curiosity, innovative thinking and collaboration. At Arts & Science, we take pride in our legacy of innovation and discovery that has changed the way we think about the world.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research, development, and high-level strategic policy and legal engagement at the intersection of information and communication technologies, human rights, and global security. The Lab uses a “mixed methods” approach to research combining practices from political science, law, computer science, and area studies. Our research includes investigating digital espionage against civil society, documenting Internet filtering and other technologies and practices that impact freedom of expression online, analyzing privacy, security, and information controls of popular applications, and examining transparency and accountability mechanisms relevant to the relationship between corporations and state agencies regarding personal data and other surveillance activities.

EDUCATION:

University degree in a relevant field, (e.g. Computer Science, Engineering), or equivalent combination of education and experience.

EXPERIENCE:

• Six (6) years working in an Information Technology environment, including at least two years working with Information Security as a significant focus of activity.
• Requires broad and in depth knowledge of industry innovations and state-of-the-art technology in both computing and networking arenas.
• IT Security certifications held or in progress is an asset. High performance computing systems management and networking is highly desirable.
• Expert understanding of client and server application deployment and support.
• Strong understanding of client and server activity tracking.
• Strong understanding of IT Architecture concepts and security methodologies.
• Experience auditing systems for compliance (PCIDSS, PA-DSS, etc.).
• Experience drafting information security standards and guidelines, assessing risk management and determining controls.
• Experience in administering enterprise-level Unix-based server applications.
• Strong Scripting skills required including Shell and interpreted languages.
• Experience with application / scripting tools (bash, Python).
• Experience configuring databases and database-backed applications (SQL Server, MySQL).
• Extensive experience using network and security analysis tools.
• Extensive experience with intrusion detection and prevention – host and network, active and passive.
• Experience in selecting, configuring and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).
• Experience running penetration testing and vulnerability scanning (Metasploit, Nessus, etc.).
• Experience with deploying, configuring and securing virtualized environments, and services running in it.

SKILLS:

• Expert level understanding of the Linux operating systems at both server and client level.
• Comprehensive knowledge of TCP/IP networking and client-server architecture and protocols.
• Strong understanding of network configuration, hardware and next-gen firewall/IPS technologies (Cisco ASA, Juniper, Fortinet, Palo Alto)
• Expert level understanding of the following access control technologies – LDAP and Kerberos.
• Expert knowledge of Virtual Private Networks (VPNs). Expert knowledge of Encryption technologies at network, file and file-system levels.
• Strong understanding of cryptographic certificates and the operation of certificate authorities.
• Excellent communication, instruction and presentation skills.
• Able to describe a variety of complex technical concepts or policies to users and senior leadership at all technical experience levels and to deliver security awareness and education content to faculty, staff and students.

Please refer the Job description for details