Position Type:
Regular Full Time (RFT)
Closing Date:
February 27, 2026
Salary/Wage Range:
$101,881.00 - $127,351.00
Working for the City of Burlington
A great career is closer than you think. Come work for the City of Burlington, where you'll be joining an innovative and progressive workplace focused on building a 21st century city that respects the diversity of our residents, visitors and employees; and prioritizes continuous opportunities for you to learn and grow.
We don't just spend time attracting the best talent. We spend time and resources to keep the best talent. This may include: flexible working hours, mobile and hybrid working arrangements, a great pension and benefits package, as well as programs to foster innovation and leadership.
Type of Vacancy
Existing Vacancy
Hours of Work
35 hours per week
Department
Burlington Digital Services
Location
This position is eligible for a hybrid work model. When attending an event or meeting in person, your primary office location will be based out of City Hall – 426 Brant Street, Burlington. Work location is subject to change at the discretion of the City due to operational demands. Effective 2026 this role will be required to be on site 50% of the time each month.
Position Overview
Reporting to the Manager, Information Security, this role is primarily responsible for providing security technical subject matter expertise. This position must ensure all Information Security program policies and procedures within the Corporation are implemented and appropriately applied in order to maintain security in balance with user, business and system goals. As a member of the Burlington Digital Services (BDS) Security Team, the role will be responsible for a broad range of information security work including risk and compliance management, maintenance of policies and standards, user education, conducting threat and risk assessments and coordinating remediation.
Responsibilities
- Specific knowledge of risk management principles and models as they pertain to the use of information technology.
- Work with business service owners to align the BDS organization with business unit security and compliance needs.
- Assist in the development and enforcement of security and compliance policies, standards and guidelines.
- Maintain a risk management framework to track and measure the City’s risk posture.
- Support the Information Security Program strategic objectives and continuous improvement in key areas, including; Identity Access Management, Risk Management, Security Awareness, and Incident Response.
- Respond to information security incidents and determine the root cause to support the Incident Response Plan.
- Identify weaknesses in security controls across various applications, systems and networks and develop mitigation measures.
- Research and maintain current knowledge of new technology trends, information security and cyber risks in order to recommend solutions that improve business processes and service solutions.
- Conduct security and threat risk assessments and security evaluations, as well as coordinate external third-party assessments for new and existing IT infrastructure elements.
- Establish information security metrics, gather data, develop reports and proposals and make recommendations to BDS management for effective decision-making.
- Promote security and privacy awareness program and good data protection practices to safeguard the City’s informational and technology assets.
Requirements
- Post-secondary degree or diploma in Information Technology, Computer Science, Engineering, Business or related degree;
- Certifications in one or more of the following areas is preferred: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and/or Certified in Risk and Information Systems Control (CRISC);
- 5 years of broad and progressive information security experience in an enterprise environment including: security analysis, risk management, incident response, system design and architecture required;
- Demonstrated experience conducting security assessments, implementing information security recommendations, analyzing technical controls and applying security control standards;
- Experience with performing risk analysis through the use of reverse engineering and open source security tools is also required;
- Must have experience with applicable Industry Standards and Frameworks; specifically Information Technology Infrastructure Library (ITIL), Centre for Internet Security Critical Security Controls (CIS CSC), NIST Risk Management Framework (RMF), and NIST Cybersecurity Framework (CSF).
Police Check Requirement
This position requires the successful candidate to provide a clear criminal record check at their own expense.
Accommodations
In accordance with the Accessibility for Ontarians with Disabilities Act, the City of Burlington accommodates the individual needs of applicants with disabilities within the recruitment process. Please call us at 905-335-7602 or email us at: hr@burlington.ca if you require accommodation to ensure your equal participation in the recruitment and selection process.
Note to Applicants:
We thank all those who apply for positions, but only those applicants who are invited for an interview will be contacted.
