Information Security Manager (Research)

RSS

TERM Assignment:

Carleton University also welcomes applications from continuing employees. If a Continuing employee is the successful candidate, this assignment will be considered a Career Development Assignment, and the successful candidate must obtain a leave of absence from their current and substantive position, where applicable. Permission for such leave must not be unreasonably withheld.

OPEN Competition. Please note, the position will be posted until filled. Resumes will be reviewed often with the first round of interviews scheduled for the end of February.

 
 
 
 
 
 
 
 
 
 
 
 




Duties and Responsibilities:

Reporting to the Director, Information Security, the Information Security Manager (Research) will provide leadership and work in partnership with research groups and individuals across the university to understand policies, assess security risk, establish strategic direction and provide direction on priorities. The incumbent will also have an advisory role and provide direct consultation to the Director, Information Security as well as the CIO and VP Research and International. The incumbent will interact with members of the University community, more specifically the research community, to continually evolve and ensure compliance with the University’s information security policies and the regulatory environment.

The Information Security Manager (Research) will serve as the subject matter expert for information security on key research security initiatives within the University. This position requires a thorough knowledge of Information Security including access control, cryptography, security operations, communications security, system development and maintenance, computer architecture, information security management, systems security law, investigation protocols, and application program security.


The Ideal Candidate:
The ideal candidate is a hands-on leader with analytical and communication skills capable of working directly with Carleton’s research community and central IT group to develop strategy and technology to safeguard sensitive and confidential research data. Possessing an information security background, this candidate should be is able to demonstrate subject matter expertise with Information Technology system weaknesses, technology safeguards and controls, information security best practices, standards, governance and incident response.

An innovator and thoughtful leader you are adept at analyzing system processes and providing technology solutions which increase an institutions security posture. Armed with a thorough knowledge of Information Technology systems, you enjoy working with individuals and project teams to determine how well architected infrastructures, governance and awareness can support successful project charters and implementation outcomes.

Qualifications:

The incumbent must possess the following qualifications:


• Proven experience in planning, organizing, and developing Information security and facility security system technologies.
• Experience in planning and executing security policies and standards development.
• Excellent knowledge of technology environments, including information security, building security, and defense solutions.
• Considerable knowledge of business processes, management, and production operations.
• Substantial exposure to varying hardware platforms, and enterprise software applications.
• Experience with systems design and development from business requirement analysis through to day-to-day management.
• Excellent understanding of project management principles.
• Demonstrated ability to apply IT in solving security problems.
• In-depth knowledge of applicable laws and regulations as they relate to security.
• Proven leadership ability.
• Ability to set and manage priorities judiciously.
• Excellent written and oral communication skills.
• Excellent interpersonal skills and ability to communicate clearly from the technical level to executive management.
• Strong conflict management and negotiating skills.
• Superior analytical, evaluative, and problem-solving abilities.
• Exceptional service orientation and customer focused.

As the Information Security Manager (Research) will be exposed to day-to-day operational needs, the following more specific skills are required:

• Experience with risk management concepts.
• Experience with project management principles and in the management of medium sized projects.
• Exposure to Information security infrastructure implementation.
• Substantial knowledge of Operating System security.
• Experience with Information Security Incident Response.
• Strong Network and telecommunications security.
• Strong understanding of emerging threats and countermeasures.
• Experience in Business Continuity Planning/Disaster Recovery Planning.

Education and Experience:

The above is normally acquired through the completion of:

• Completion of a Bachelor’s Degree (B.Sc.) in computer science, information technology, information management, or a related field. Other education and direct information security experience may be considered.
• Six (6) to ten (10) years’ progressive experience in computing and security with Internet technologies and security issues including:
o Solid understanding of information technology and information security (e.g. firewalls, VPNs, vulnerability assessments, access control and security devices), risk analysis and risk management,
o Experience with conducting information security audits and implementing recommended security controls,
o Three (3) to five (5) years of supervisory experience are preferable.

• A Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or Certified Information Systems Manager (CISM) would be an asset.

HR Note:

Equivalencies will be considered. Applicants are encouraged to provide information which may demonstrate equivalent qualifications. Please note that applicants may be required to complete an employment test as part of the selection process for this position. Those applicants that are selected for an interview will be requested to contact the Human Resource Advisor assigned to this competition as soon as possible to discuss any accommodation requirements. Arrangements will be made to accommodate your request in a timely manner. Carleton University is strongly committed to fostering diversity within its community as a source of excellence, cultural enrichment, and social strength. We welcome those who would contribute to the further diversification of our University including, but not limited to: women; visible minorities; First Nations, Inuit and Métis peoples; persons with disabilities; and persons of any sexual orientation or gender identity and expressions.






Please answer all of the following questions before applying

*1. Have you complete a bachelor's degree in computer science, information technology, information management or a related field?
*2. 
*3. Do you have experience in information security?
*4. Do you have experience conducting information security audits and implementing recommended security controls?
*5. 
*6. Do you have a current and valid certification? Select from the list below.

* Question numbers in red and with an asterisk indicate mandatory questions (answer is required).









Please confirm that you have updated your candidate profile, if you are a returning applicant. Please note your profile includes important screening information.


Applicant Tracking System