Job Description

Position Details

Position Information

Position Title Manager, Information Security
Posting Number 02102SA
Location New Westminster Campus
Grade or Pay Level A - Pay Band 11
Salary Range Min: $89,455; Control Point: $119,273; Max: $131,201. Placement within a salary band is typically up to the Control Point based upon a review of skills, experience and internal equity. The College may place over the Control point in limited circumstance
Position Type Administration - Regular
Posting Type Internal/External
Regular/Temporary Regular
Employment Type Full-Time
Posting Category Administration
Start Date 02/19/2024
End Date
Day of the Week Mondays to Fridays
Shift 8:30 am - 4:30 pm
Work Arrangements

This regular full-time position is available as of February 19, 2024. Regular hours of work are 8:30 am to 4:30 pm, Monday to Friday; however occasional evenings and weekends may be required.

Travel between Douglas College\'s locations and to other locations in the lower mainland as required.
What Douglas Offers

DO what you love. Be good at it. That\'s how Douglas College defines a great career. It\'s a philosophy that resonates through our classrooms, our offices and our boardrooms. It inspires our students and drives us to make Douglas College one of BC\'s Top Employers. We love what we do. And we\'re looking for passionate, motivated people to join us in making one of Canada\'s best colleges even better.
The Role

Reporting to the Associate Director, Information Security, the Manager, Information Security is responsible for the development and management of Cyber Security at the College through working with people, processes, and technologies. The role manages College-wide IT security activities to protect the College from cyber threats and meet business needs of the College. The position leads cyber incident response and investigations and serves as a security champion within the Centre for Educational & Information Technology (CEIT) and in other departments.
Responsibilities

Under the general direction of the Associate Director, Information Security, the Manager, Information Security:

• Participates in the development and implementation of strategies, plans and procedures related to Information Security and Information Technology. Ensures IT Security activities are aligned with Information Security and CEIT strategies and College strategic plan.
• Manages IT security activities and allocated resources, including funds, facilities and supervises technical staff and contractors. Ensures funds are used in accordance with the College policies, and operates within allocated budgets.
• Manages staff, overseeing and participating in recruitment and selection, coaching, mentoring, training and development and performance management and disciplining where appropriate. Provides effective leadership and technical direction fostering a collaborative and service-oriented culture to ensure a positive customer experience.
• Contributes to effective employee and labour relations by administering the collective agreement, representing management in the grievance process and consulting with Human Resources regarding collective agreement interpretation, as appropriate.
• Creates and manages internal financial budgets and acquisitions as related to IT security activities.
• Provides direct and indirect leadership on IT security to CEIT managers, and direction and expertise on projects to teams, College departments, and to end users.
• Implements cyber security technologies for use across College academic and administrative units which protect IT services delivered to all stakeholders of the College.
• Plans, leads and executes risk assessments to determine the security of the College\'s data and infrastructure for existing systems, and those being considered for purchase or implementation.
• Manages security related events including detecting and responding to security alerts and incidents.
• Leads cyber incidents response including coordinating mitigation activities, performing high-level forensic analysis, and engaging with external cyber security vendors for detailed forensic checks.
• Manages security of College data and systems in a cloud environment. Designs cloud aware security architecture and implements appropriate cloud security tools.
• Collaborates with CEIT teams and other departments to design and develop security processes.
• Develops relevant operational reports and KPIs; analyzes data produced by security systems; and ensures timely deliveries of reports and KPIs to designated audience.
• Manages and leads vulnerability management process: stays current with new vulnerabilities, performs vulnerability assessments, analyses findings, establishes priorities, and coordinates remediation activities.
• In collaboration with the Associate Director, Information Security and CEIT leadership team, develops College-wide IT security policies; develops, documents, tests, implements, and executes IT security processes, methodologies, and controls in relevant areas.
• Monitors enforcement of cyber security policies and practices to ensure the confidentiality, integrity, and availability of College\'s information resources.
• Ensures proper maintenance of configuration of security tools and supports overall system hardening.
• May act on behalf of the Associate Director, Information Security in their absence.
• Performs other related duties.

To Be Successful in this Role You Will Need

• Bachelor\'s degree in Information Technology and completion of professional credentials including Certified Information Systems Security Professional (CISSP) and Certified Information System Auditor (CISA)
• A minimum of five years managerial work experience (preferably in a unionized, public-sector environment)
• Minimum of 5 years\' experience directly related to information security
• Demonstrated ability to supervise and lead including the ability to mentor, develop and train employees and organize and assign work
• An equivalent combination of training and/or experience may be considered
• Strong knowledge of information security industry standards and relevant legislations such as: NIST CST, ISO 27000, CIS CSC, FOIPPA, PCI-DSS, COBIT
• Strong knowledge of IT Security technologies, such as endpoint protection, email security, IPS, SEIM, application (including ERP) security, database security
• Strong knowledge of Microsoft O365, M365 and Microsoft security tools
• Knowledge of various cloud security methods and tools
• Working knowledge of business and technical risks, and current computer security issues and trends
• Excellent research and analytical skills to track and predict trends in cyber security
• Strong leadership, analytical and problem-solving skills
• Proven ability to exercise tact and diplomacy, confidentiality, and conflict resolution skills
• Proven ability to influence throughout the organization without direct authority
• Proven interpersonal skills with the ability to work independently and collaboratively as a member of a team
• Ability to establish and maintain effective working relationships with staff at all levels throughout the organization
• Excellent customer service skills with a proactive, problem-solving approach
• Excellent organizational and time management skills and ability to prioritize and manage several time-sensitive issues at a time
• Strong oral, written and presentation/facilitation skills; ability to communicate at technical and non-technical levels while working with projects and teams
• Strong project management and change management skills; ability to direct multiple complex technology projects including developing proposals and budgets, project planning and implementation
• Ability to translate business requirements into technical and managerial security controls
• Demonstrated ability to interpret and apply policies and regulations

Link to Full Position Profile
Equity Statement

Douglas College is committed to fostering a diverse, inclusive and equitable learning and working environment. In support of this journey, we welcome all people to apply, including people from groups that are experiencing inequity, including, but not limited, to Indigenous Peoples, racialized or persons of colour, persons with mental or physical disabilities, persons who identify as women, and/or persons of marginalized sexual orientations, gender identities and expressions, and persons of all faith identities, age, marital status, and parental status.
Needs a Criminal Records Check No

Posting Detail Information

Open Date 01/22/2024
Close Date
Open Until Filled Yes
Special Instructions to Applicant

Interested applicants must submit their application and all required documents online on the Douglas College Career Site .

Qualified internal applicants shall be given first consideration in filling the position.

Please ensure your resume clearly explains how you meet the required knowledge, skills and abilities of the position for which you are applying.

All candidates selected for interview will need to bring original certificates and diplomas of educational credentials noted on their resume.
Quick Link for Direct Access to Posting

Douglas College