Job Description

Position Details

Position Information

Posting Number 23AC0018
Title Manager, IT Security
Pclass # A9914
Job Summary

Who We Are

We acknowledge that Vancouver Community College (VCC) is located on the traditional unceded territories of the x\xca\xb7m\xc9\x99\xce\xb8k\xca\xb7\xc9\x99y\xcc\x93\xc9\x99m (Musqueam), S\xe1\xb8\xb5wx\xcc\xb1w\xc3\xba7mesh (Squamish), and s\xc9\x99lilw\xc9\x99ta\xc9\xac (Tsleil-Waututh) peoples who have been stewards of this land from time immemorial.

For over 55 years, VCC has been a leader in innovative, experiential post-secondary learning. We\'re one of B.C\'s top employers and we are proud to inspire students to discover their passions, gain essential skills, and learn what it takes to succeed in a competitive workforce.

At VCC, we respect and celebrate our differences, and are committed to the work of decolonization, accessibility, and inclusivity for all. Be a part of creating an inclusive community that provides equitable opportunities for Indigenous and diverse representation, participation, and success for everyone.

We value lived experience and encourage applications from members of all groups experiencing barriers to equity. Come join the VCC community as we shape the future together.

Reporting to the Director, Information Security, the Manager, IT Security is responsible for the development and management of Information Technology Security at VCC through working with people, processes, and technologies. The role manages College-wide IT security activities to protect VCC from cyber threats and meet business needs of the College. The position leads cyber incident response and investigations and serves as a security champion in IT and with other teams.
Job Duties/Responsibilities

Strategies, Plans and Procedures

1. Contributes as a member of the IT management team; assists in developing strategies, plans and procedures pertaining to the service delivery model. Implements standards, processes, tools, and metrics to ensure development and establishment of an innovative IT team that provides support across VCC. Ensures IT Security activities are aligned with Information Security and IT strategies, and College strategic plans.

Operations and Finance

2. Manages IT security activities and allocated resources; supervises technical staff and contractors.

3. Accountable for assigned resources, including funds, facilities, and staffing; ensures funds are used in accordance with the College policies, and operates within allocated budgets.

4. Creates and manages internal financial budgets and acquisitions as related to IT security activities.

Leadership

5. Manages staff, overseeing and participating in selection, coaching, mentoring, development and performance management. Provides effective leadership and technical direction fostering a collaborative and service-oriented culture to ensure a positive customer experience.

6. Provides direct and indirect leadership on IT security, and direction and expertise on projects to teams and departments in the College, and to end users.

Implementation and Administration of IT Security Programs
7. Implements cyber security technologies for use across college academic and administrative units which protect IT services delivered to faculty, staff, students, and stakeholders of the College.

8. Plans, leads and executes risk assessments to determine the security of the College\'s data and infrastructure for existing systems, and those being considered for purchase or implementation.

9. Manages security related events including detecting and responding to security alerts and incidents.

10. Leads cyber incidents response including coordinating mitigation activities, performing high-level forensic analysis, and engaging with external cyber security vendors for detailed forensic checks.

11. Manages security of VCC data and systems in a cloud environment. Designs cloud aware security architecture and implements appropriate cloud security tools.

12. Collaborates with IT teams and end-users to design and develop security processes.

13. Develops relevant operational reports and KPIs; analyzes data produced by security systems; and ensures timely deliveries of reports and KPIs to designated audience.

14. Manages and leads vulnerability management process: stays current with new vulnerabilities, performs vulnerability assessments, analyses findings, establishes priorities, and coordinates remediation activities.

15. In collaboration with the Director, Information Security, develops College-wide IT security policies; develops, documents, tests, implements, and executes IT security processes, methodologies, and controls in relevant areas.

16. Monitors enforcement of cyber security policies and practices to ensure the confidentiality, integrity, and availability of College\'s information resources.

17. Maintains proper configuration of security tools and supports overall system hardening.

Training and Customer Service

18. Designs and delivers information security awareness training and exercises.

19. Maintains quality service by administering quality and customer service standards; analyzing and resolving quality and customer service problems; identifying trends; and recommending system improvements.

20. Manages escalated support issues and provides leadership and direction for resolution of issues.

Other

21. Ensures compliance with FOIPPA and other privacy and security requirements.

22. Supports secure Identity and Access Management processes.

23. Manages vendors in the delivery of security services to VCC.

24. Remains current with cyber landscape and threats, analyzes industry trends and determines potential impact on VCC systems. Recommends approaches and application of new technology to assist the College and stakeholders meet their academic and administrative objectives.

25. Performs other related duties as assigned.

Qualifications

Education and Experience

• Bachelor\'s degree in Information Technology and professional credentials related to information security (e.g., CISSP, CISA, GIAC)
• Minimum of 5 years\' experience directly related to information security, including 2 years in a supervisory role.
• An equivalent combination of training and/or experience may be considered.
• Extensive experience in IT security. SOC experience is an asset.
• Strong knowledge of information security industry standards and relevant legislations such as: NIST CST, ISO 27000, CIS CSC, FOIPPA, PCI-DSS, COBIT, CASL.
• Strong knowledge of IT Security and IT technologies, such as endpoint protection, NGFW, advanced email security, IPS, SEIM, AD, Windows security, Linux security, network security.
• Strong knowledge of Microsoft O365, M365 and Azure AD security tools.
• Working knowledge of AWS and Azure public cloud. Knowledge of various other cloud security methods and tools.
• Working knowledge of business and technical risks, and current computer security issues and trends.
• Strong working knowledge of Windows and Linux operating systems.

Skills and Abilities

• Excellent research and analytical skills to track and predict trends in cyber security.
• Strong leadership, analytical and problem solving skills.
• Proven interpersonal skills with the ability to work independently and collaboratively as a member of a team.
• Ability to establish and maintain effective working relationships with staff at all levels throughout the organization.
• Excellent customer service skills with a proactive, problem-solving approach.
• Excellent organizational and time management skills and ability to prioritize and manage several time-sensitive issues at a time.
• Strong oral, written and presentation/facilitation skills; ability to communicate at technical and non-technical levels while working with projects and teams.
• Strong project management and change management skills; ability to direct multiple complex technology projects including developing proposals and budgets, project planning and implementation.
• Proven ability to influence throughout the organization without direct authority.
• Ability to translate business requirements into technical and managerial security controls.
• Position is required to work at various locations internal and external to the College.

Salary Range - Prorated based on FTE

$83,799 - $111,732 - $122,905 annualized (Pay Grid 11). Normal starting salary placement is between $83,799 and $111,732. Compensation beyond the control/mid-point requires approval by the Public Sector Employer\'s Council Secretariat (PSEC).

Posting Detail Information

Employment Group Administration
Type of Position Permanent
Employment Type Full Time
Department INFORMATION TECHNOLOGY
Primary Location - This position may require you to work at all VCC locations. Broadway
Is this posting only for internal applicants? No
Desired Start Date - May be subject to change
Position End Date - For Temporary Positions
Vacation Blackout Dates
Number of Hours per Week 35
Work Schedule - Hours may vary according to the needs of the Department

Monday to Friday, 9:00 am - 5:00 pm
Eligible for Fortnight No
Special Instructions to Applicant

This position spends up to 50% of time with hands-on cyber security tasks.

Posting Open Date 03/03/2023
Posting Close Date 04/02/2023
Is this a pooled posting? No

Vancouver Community College