Manager, Information Technology Security
Reporting to the Director, IT Security and Project Management, the Manager, Information Technology Security is responsible for leading the security practice within ITS and providing a recommended strategic security framework that is tailored to meet the needs of Humber.
The manager will engage with subject matter experts and the ITS management team to gain a deep understanding of the business and to identify systems, processes and information technology resources requiring information technology security protection. This understanding will inform their efforts to lead collaborative planning processes to establish an inclusive and comprehensive information technology security program that includes a security strategy and policy, goals, priorities, metrics, reporting and standards. They will lead and project manage security related projects and initiatives that further the goals of the information security program. They will establish and report on annual and long-range information technology security and compliance goals, create maturity models and a roadmap for continual program improvements and track and measure the effectiveness of implemented security policy, practices and standards.
They will stay abreast of information security issues, counter measures, threats and mitigation strategies, and regulatory changes affecting higher education, and educate the Humber community as necessary on a regular basis about these topics.
As the ideal candidate, you bring significant IT Security experience in a large, complex organization, coupled with a degree in Computer Science, Project Management, or a related field. Your exceptional interpersonal and communication abilities and extensive experience in enterprise security have enabled your success thus far. You thrive in a dynamic, fast paced environment with multiple stakeholders and where new, innovative initiatives are introduced on a regular basis. You are a proven leader with the ability to engage stakeholders in collaborative decision making processes. Energetic, results oriented, and customer focused describe you well. No stranger to system wide change management initiatives, you are excited by opportunities to play a leading role in helping to take your organization’s security acumen, protocol and policy to the next level.
You possess a post-secondary degree in Computer Science/Project Management, or equivalent training and experience. A minimum of 7 years of work-related experience is required, along with Information Systems Audit Control Association (ISACA) and Certified Information Systems Security Professional certifications. PMP certification is considered an asset. The incumbent will have extensive experience in enterprise security architecture design and document creation, experience in a unionized, public sector environment, designing and delivering employee security awareness training, interviewing staff, performing security vulnerability scans, reviewing applications and operating system access controls and analyzing physical access to the systems. Additional qualifications include experience in developing Disaster Recovery Plans, knowledge of national and international regulatory compliances and frameworks such as ISO and PCI DSS, business continuity planning, risk management, performance monitoring and management, vendor/contract negotiation and security information. Experience with PCI audits is considered an asset.
Director, ITS Project Management
Information Technology Services
To Be Determined