IT Technical and Security Lead

Kinark Child and Family Services • Full-time • Markham, ON, CA • 3w ago

Job Description

Report to the Manager of IT or the Senior Manager of IT. This role is responsible to support Kinark User Base to Resolve Software, Hardware and Infrastructure and general technical Issues. Ensure Network availability/security.

Support our network and cloud infrastructure, security hardening, leading the research, implementation, infrastructure, and security improvements to Kinark IT.

Duties & Responsibilities:

Azure specialist that optimizes, improves, and resolves any issues with Kinark Azure AD, O365 and other MS applications, such as Intune, Autopilot, Azure Gateway
Responsible for Microsoft Azure secure configuration, hardening and monitoring
Serve as the escalation point for complex technical issues, troubleshooting and resolving them efficiently.
Ensure proper functioning of servers, routers, switches, firewalls, and other network devices.
Collects, consolidates, and analyses information required for the evaluation of cybersecurity maturity controls based on CIS platform. Identify opportunities for cybersecurity program optimization, growth, scalability, and improvements with recommended courses of action to support the current and future maturity goals.
Work with IT partners to conduct IT security threat and risk assessments, resolve security alerts, obtain maturity assessment results, and implement recommendations.
Support to resolve Azure, AAD, O365, SSO, Azure Gateway VPN and AD issues, Identity and Access Management (IAM), based on best practices and how to setup/support. In addition, Azure/Office 365 security hardening
Continuous improvement of Kinark systems security, tools, review of logs, troubleshooting of issues
Design, implement, and maintain a comprehensive security architecture to protect the confidentiality, integrity, and availability of information assets
Knowledge of CIS security standards/frameworks
Lead and participate in incident response activities, including detection, analysis, containment, eradication, and recovery
Conduct regular vulnerability assessments, prioritize, and remediate identified vulnerabilities, and ensure systems are resilient against emerging threats.
Develop and enforce security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices
Promote a culture of security awareness and provide training to staff on security best practices. Manage our phishing and training portal, campaigns and threat management
Work with vendors to conduct security audits and assessments to identify weaknesses and recommend enhancements. Lead and assist with partner PEN testing and security assessments.
Implement and manage security monitoring tools and processes to detect and respond to security events in real-time. Security Information & Event Management (SIEM), EDR and work with our MDR partner to resolve any alerts
Work closely with other IT Team members, Snr IT Manager and IT Support Lead to integrate security measures into the development and operational processes
Proficiency in implementing, configuring and adjusting policies, in network devices, including firewalls, switches, Fortinet and Cisco
Proactively participate in compliance support activities such as trainings, audit prep, playbook authoring and ensure business as usual (BAU)
Analyze complex security issues to improve the overall posture of the firm by evaluating new functionalities and ensure preparation for production implementation
Responsible for providing all levels of support for tactical and strategic related issues related to information security systems and services

Qualifications:

Computer Science or similar College Diploma or University degree
Certifications required:
Azure Solution Architecture
Azure Administrator
ITIL
Certifications that are nice to have:
MS 365 Associate
CISM, CISA, CIRS, CISSP, CEH
CCNA
10+ years of total experience with minimum 3+ years Azure and Security
Knowledge of current Azure cloud
One or more certifications in Microsoft 365
AD, AAD/O365/Intune/Azure Gateway, AD, IAM/MFA
Virtualization
Firewalls, AP and switches
CIS framework, Security hardening, architecture, response, and monitoring
Security awareness and phishing campaigns
Security policies and procedures

Additional Skills & Qualifications

Technical knowledge of a range of IT systems, applications, hardware, software and products.
Knowledge of emerging and leading practices in technical design and IT service delivery models.
Demonstrated experience with operational support, troubleshooting, root cause analysis, risk and impact analysis and issue resolution.
Ability to multi-task and prioritize across a number of projects and activities.
Knowledge of business operations and business practices to facilitate IT solution development and implementation.
Knowledge of project management best practices in an IT environment.
Solid customer service and relationship management skills; Interface with internal and external customers, stakeholders and vendors to meet corporate service standards
Solid Communication skills; ability to advise and consult on sensitive issues at all levels
Solid negotiation skills; ability to negotiate with internal and external stakeholders to ensure optimal resources are in place to meet corporate service standards
Solid presentation skills; Facilitate complex concepts in a clear and concise manner
Solid organizational skills; Detail oriented and able to prioritize complex issues and activities to meet critical deadlines with conflicting priorities and timelines
Solid analytical skills for complex problem solving and implementation of new solutions/services
Familiarity with the CIS benchmarks and how to monitor and remediate deficiencies