Cyber Security Manager

Infrastructure Ontario (IO), an Ontario crown corporation, provides a wide range of services to support the Ontario government’s initiative to modernize and maximize the value of public infrastructure and realty. IO has been recognized domestically and internationally for the way it does business and the success it has had with its major projects, real estate services, infrastructure lending, commercial projects, and development mandate. IO delivers some of the most complex, ambitious commercial and land development solutions for the Province and continues to evolve and expand its capabilities to maximize its public impact and deliver on its vision of Creating a Connected, Modern and Competitive Ontario.

Technology matters more than ever, and the Information Technology (IT) team is at the forefront of driving progress, change and innovation at IO, making it a stimulating and rewarding career choice. As a technology professional, you will have the opportunity to work on exciting technology and business projects, solve complex problems, and make a real impact on the way we operate and work. We are expanding our technology offerings and capabilities, moving to the cloud, improving our cyber security posture, enhancing our data capabilities, and evolving our support and operating model to ensure we meet the needs of a dynamic business. Here, you will be a part of a team that supports each other, partners and collaborates with multiple vendors and IO businesses, and provides a variety of opportunities to learn, grow, and make a meaningful impact on the province.

Reporting to the Director Cybersecurity and IT Risk, the Cyber Security Manager will lead vulnerability management, IT risk management and IT audits and the mitigation of risk, vulnerabilities, and audit gaps within agreed upon timelines.

What You Will Do:

• Manage security threat & alert analysis, threat remediation and timely reporting by the combined team of inhouse and service provider’s resources.
• Ensure that the service provider creates, maintains, and updates the playbooks for the remediation of most frequently occurring threat alerts
• Conduct quarterly health check on the cybersecurity tools such (SIEM, Anti-Malware, firewalls) and ensue that those are configured optimally
• Lead the incident management by a combined team of in-house and MSSP resources to contain and remediate the threat in timely manner.
• Ensure timely vulnerability management and patch management for IT assets such as servers, mobile phones, laptops, and network infrastructure in a virtualized and cloud hybrid environment
• Facilitate IT Risk identification and prioritization by managed security service provider and ensures the high quality of the Risk log, Monitor risk exceptions
• Facilitate Annual audits by external auditors and lead the subsequent gaps remediation.
• Create high quality reports for executives on weekly and monthly basis.
• Represents Cyber Security in the projects, to ensure that the application or solution being implanted in alignment with Security reference architecture and best practices.
• Facilitates security deliverables for projects such as Penetration testing and architectural review
• Manages Security tools and services procurement, deliverables of security vendors, and create vendor performance metrics
  
  
  
  
  

What We’re Looking For:

• Advanced Cyber Security operations, threat, and incident management experience
• AZ-500 [ MS-100 & MS-101], CEH certifications highly preferred
• Experience with Microsoft Sentinel, Purview, Intune, and Defender is highly desirable
• Familiarity with Firewalls, Web-Application-Firewalls and Web monitoring tools is an asset
• Ability to work with minimum supervision including delivering output without reminders
• Ability to manage conflicting priorities and meet the target dates
• Strong Managed Service Provider relationship management skills
  
  
  
  
  

What's in in for you:

• Commitment to creating a diverse, equitable and inclusive culture that promotes a sense of belonging and represents and reflects the needs of the communities we serve
• A flexible, hybrid work approach that allows colleagues to find balance between their professional and personal lives and making the most of the benefits of working remotely and purpose-driven in-person collaboration opportunities
• A defined contribution pension plan, where IO contributes the equivalent of 5% of a full-time employee’s annual salary, with an option for IO to match an additional 5% contribution made by the employee. IO also offers a Group Retirement Savings Plan and Group Tax Free Savings Account, designed to help IO colleagues plan and save for their future
• A comprehensive package that covers health, dental, vision, out-of-country care, paramedical services, and more
• A pregnancy and parental leave program that offers expecting, eligible employees a top-up to 95% of their annual base salary for 31 weeks, and our parental leave program offers eligible employees a top-up to 95% of their annual base salary for 15 weeks
• Access to our $1000 Healthcare Spending Account to top up expenses not covered in the benefits program and a Lifestyle Account that expands the eligibility of health and wellness options and can include coverage for gym memberships and fitness equipment, nutrition counselling or financial planning
• Support for professional development opportunities for all colleagues through a broad range of learning programs that include in-person and online training, leadership development, and support for colleagues’ well-being. IO will also cover the costs associated with up to two membership and license fees per year for eligible colleagues if directly related to the employee’s role
• Access to a suite of virtual healthcare options to support non-urgent medical needs
• A convenient, central location at 1 Dundas St West, easily accessible by public transit
  
  
  
  
  

This posting will close on April 25th 2024. .

The salary range for this position is $95,000 to $142,500 with a corresponding job level of P5.

Exact compensation may vary based on skills, knowledge and experience

Interviews will be conducted on a rolling basis until the position is filled.

At Infrastructure Ontario, we strive to create a culture that encourages a diverse equitable and inclusive environment that fosters belonging. We believe that experience comes in many forms and through learning from each others’ differences and perspectives gives us strength. We are committed to enhancing our culture and encourage applications from all walks of life. Let us know if you require any accommodations for the selection process, by contacting the Talent Acquisition Team.

Candidates who are members of Indigenous, Black, racialized and 2SLGBTQ+ communities, persons with disabilities, and other equity deserving groups are encouraged to apply, and their lived experience will be taken into consideration as applicable to the posted position.

By submitting your application you are granting Infrastructure Ontario permission to process your personal data during the recruitment process and for keeping records of the process. Infrastructure Ontario may share your personal data internally to appropriate persons involved in the recruitment process and to third parties where there is an administrative or lawful basis for doing so. Provided that Infrastructure Ontario does not have any lawful reason to continue processing your personal data, you may make a formal request to rectify, erase or restrict (the processing of) your personal data.