Please Note: If you are a current Algonquin College employee, apply to this job via the Workday application.
Department
IT Operations (Sam Law)
Position Type
Full-Time Administrative
Salary Range
$92,710.00-$123,614.00-Annual
Scheduled Weekly Hours
36.25
Anticipated Start Date
March 06, 2023
Length Of Contract
n/a
Posting Information
This job posting is now accepting applications from all qualified individuals.
Posting Closing Date
January 2, 2023
Please note: jobs are posted until 12:01 am on the job closing date.
Job Description
- Any applicants who applied to this posting (R141960) before Nov. 28, 2022 are not required to re-apply***
- Please note that applicants must submit their application by the evening before the closing date mentioned above. The posting closes at 12:01am on the morning of the closing date***
Digital citizenship is at the heart of Algonquin College’s mission to “transform hopes and dreams into lifelong success”. Reporting to the Associate Director, IT Operations, within the College’s Information Technology Services (ITS) Department, the Manager of Information Security works collaboratively to ensure that students, staff and faculty information are secure and kept private. This position is vital to the organization and key to helping realize the corporate vision of being “a global leader in personalized, digitally-connected experiential learning”.
The Manager of Information Security is responsible for researching, identifying, evaluating, developing, monitoring and maintaining enterprise-wide information security, cyber security and data privacy programs to help ensure that the College’s corporate information assets, personal information, and technology (including infrastructure, systems, applications, and third-party solutions) are appropriately protected.
The Manager of Information Security is responsible for identifying, evaluating and reporting on cyber risks as well as legislative and regulatory compliance requirements while supporting and advancing IT transformation and enterprise strategy and objectives. The Manager of Information Security acts as a senior advisor to IT management, College senior and executive management, and College Board of Governors on College-wide information security programs, processes and ongoing improvements. A key element of the Incumbent’s role is working with the executive management and Board of Governors to determine acceptable levels of cyber risk.
The incumbent develops the overall security governance, strategy, policies, standards, and procedures as they pertain to the creation, storage, access, and administration of information, information technology (IT), and operational technology (OT). The scope of responsibility encompasses all information whether paper based; that which is created, managed and stored within College technology systems; and that which is entrusted to partners and service providers. The Manager of Information Security co-manages the intersection between digital and physical security.
The incumbent oversees and directs the cyber security organization, including solid and dotted-line employees, co-op students, consultants and contractors, in order to assess the threats and risks, develop policies, create and deliver education, training and awareness programs; ensure compliance with legislation, regulation and industry standards; undertake security advising and consulting; conduct system vulnerability assessments; develop IT disaster recovery plans; manage security incidents and data breaches; undertake investigations and audits; and review findings and propose risk mitigation. The Manager of Information Security collaborates on enterprise IT solutions and leads strategic cyber security projects to mitigate cyber risks.
The Manager of Information Security provides thought leadership and professional expertise to support the development of the College’s Algonquin Centre for Applied Cyber Security.
The Manager of Information Security deals with highly confidential information on a regular and routine basis.
Required Qualifications
- Minimum four (4) year degree in Computer Science, Management Information Systems, Computer Engineering or equivalent degree within the Information Technology domain;
- Formal education in Cybersecurity (certificate, courses, etc,). A Certified Information Systems Security Professional (CISSP) designation or other equivalent industry recognized senior security certification is preferred;
- Minimum nine (9) years’ experience in an Information Technology environment;
- Minimum nine (9) years’ leadership experience with demonstrated success in a transformation/high performance environment;
- Minimum nine (9) years’ technical hands on experience with operating system and networking security, incident response, malware management, vulnerability management, application security, process analysis and engineering, policies and governance experience;
- Experience in managing the delivery of Cybersecurity and Information Privacy initiatives as well as Information Technology projects (e.g. ERP systems, IT Infrastructure, End-use Computing, Audio-Visual Systems) is preferred;
- Excellent communications skills, both verbal and written to support the Associate Director of IT Operations and Chief Digital Officer (CDO) in communicating the value proposition of Information Security at all levels at the College;
- Comprehensive knowledge base of the best practices and processes pertaining to managing information technology within a management framework. E.g. ITIL;
- Ability to comprehend management goals and visions set out by the CDO and place them in action within this context;
- Experience with the agile development, lean management and continuous improvement processes and methodologies;
- Practical experience conducting information and information systems audits;
- Project management experience, in particular planning and administering projects that span internal and external stakeholders and participants on tight deadlines;
- Experience working collaboratively in an environment with multiple stakeholders and intersecting responsibilities, especially under pressure situations through a complaint or incident response and investigation. Cooperating stakeholders within the College include Finance (FOI, compliance, etc.), Learning and Teaching Services (copyright, academic practice, etc.), Advancement (web services) and Physical Resources (physical security and premise / device access);
- Skilled in developing information security policies, standards and procedures, as well as skilled in developing and executing programs that meet the objectives of excellence in a dynamic business environment;
- Demonstrated experience in leading technology teams ideally in large, complex industries;
- Strong vendor negotiation and management experience;
- Passionate about people. You find meaning in relationships and surround yourself with a diverse network of team members and partners;
- Builds trust through respect and authenticity. You have a passion for client service and desire that the work you do each day results in a positive client experience;
- Coaching is in your blood. In an emergency you will roll up your sleeves and be prescriptive but your natural state is as a coach and mentor with experience teaching, evaluating and assessing;
- Committed to life-long learning with strong and demonstrated business acumen, applied research and entrepreneurial skills;
- Strategic leadership skills and ability to act as a corporate visionary and change agent;
- Team building and management skills, financial and budget management skills, contract negotiation and management skills, project management skills, and scheduling and resource management skills;
- Skilled in developing information security policies, standards and procedures, as well as skilled in developing and executing programs that meet the objectives of excellence in a dynamic business environment;
- Skilled in influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital;
- Ability to act calmly and competently in high-pressure, high-stress situations such as security incident response and data breach management;
- Knowledge and understanding of and ability to interpret and create actions from relevant legal and regulatory requirements, including the Freedom of Information and Protection of Privacy (FIPPA) Act, the Personal Health Information Protection Act (PHIPPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), the Copyright Act, the Canadian Anti-Spam Legislation (CASL), and Payment Card Industry Data Security Standard (PCI DSS);
- Excellent analytical skills, the ability to manage multiple projects under strict timelines and the ability to work well in a demanding, dynamic environment to meet overall objectives.
- This position is at Payband 12
- Vacancy is for P02099
- This job is suitable for a combination of remote and onsite work.
Algonquin College values diversity and is an equal opportunity employer. We offer an inclusive work environment and encourage applications from all qualified individuals. If you require accommodation during the recruitment process please contact the Human Resources department at humanresources@algonquincollege.com. While we thank all those who apply, only those to be interviewed will be contacted.