Manager, Cyber Security

George Brown College Voir toutes les offres

  • Toronto, ON
  • 104.000-122.385 $ par an
  • Permanent
  • Temps-plein
  • Il y a 3 jours
Competition Number: REQ 7210TITLE: Manager, Cyber SecurityDIVISION: Information TechnologySALARY: Payband 11, $104,000 to $122,385 annuallyHOURS PER WEEK: 37.5LOCATION: 51 Dockside DriveWORK MODALITY: HybridSTATUS: Contract AdminVACANCY: ReplacementEFFECTIVE DATE: Immediately to 1 yearINTERNAL CLOSING DATE: Open until filledLand AcknowledgementGeorge Brown Polytechnic is located on the traditional territory of the Mississaugas of the Credit First Nation and other Indigenous peoples who have lived here over time. We are grateful to share this land as treaty people who learn, work, and live in the community with each other.Equity StatementGeorge Brown Polytechnic is committed to creating and sustaining an equitable and inclusive learning and working environment. We encourage and actively seek applications from Indigenous, Black, racialized people, visible minorities, 2SLGBTQIA+ persons, all genders, and persons with disabilities.GBP VisionTo be a polytechnic renowned for its inclusion, excellence, relevance, impact, and leadership.Position Description:Reporting to the Executive Director, Cyber Security and IT Infrastructure Services, the Cyber Security Manager supports the continued maturity of the Cyber Security program at George Brown Polytechnic (GBP). The role serves as a key liaison between the Executive Director's strategic and process-driven initiatives and the Cyber Security team's operational and technical work.The Cyber Security Manager partners with ITS and external service providers to develop and maintain a cybersecurity service delivery roadmap and leads the design and implementation of appropriate security controls, processes, and protocols. The role oversees day-to-day cybersecurity operations, including the ongoing review and enhancement of security controls, and provides recommendations to strengthen GBP's security posture in alignment with the Polytechnic's risk appetite.Working closely with internal ITS teams and external vendors/service providers, the Cyber Security Manager prioritizes security initiatives, coordinates responses to security incidents, and ensures compliance with GBP's cybersecurity governance framework.Key Responsibilities:
  • Leads the ongoing enhancement and maturity of the Polytechnic's Cyber Security program, aligning initiatives with institutional priorities and risk management objectives.
  • Leads the maturity of the Cyber Security risk management program in alignment with the Enterprise Risk Management (ERM) function.
  • Develops and implements preventive, detective, and corrective controls to mitigate identified Cyber Security risks.
  • Owns and manages the relationship with the Managed Security Service Provider (MSSP), including oversight of service delivery and roadmap alignment.
  • Leads the development and implementation of Cyber Security policies, standards, procedures, and guidelines.
  • Facilitates cross-functional workgroups with ITS, system owners, data custodians, and governance stakeholders to ensure engagement, accountability, and effective management of technology and information security.
  • Ensures enforcement of IT security policies across the Polytechnic, including ITS, and develops metrics and reporting mechanisms to support compliance monitoring.
  • Reports to senior management on Cyber Security posture, compliance status, emerging risks, and mitigation strategies.
  • Oversees key security management programs, including patch management, configuration management, data inventory, and vulnerability management.
  • Collaborates with ITS and other Polytechnic staff to identify and implement approved security tools and technologies that monitor the environment and detect potential breaches, vulnerabilities, or misuse of technology and information assets.
  • Develops and implements processes for incident response, breach investigation, and the management of security-related complaints or concerns from internal and external stakeholders.
  • Serves as the central point of contact and escalation for cybersecurity-related issues across the Polytechnic.
  • Leads the development and delivery of the Security Education, Training, and Awareness (SETA) program, including strategic planning, implementation, monitoring, and continuous improvement of awareness initiatives.
  • Provides Cyber Security advisory services to ITS and Polytechnic departments/divisions, offering guidance on information security best practices and frameworks, including ISO 27001, CIS, and NIST.
  • Represents the Polytechnic in relevant security-related industry workgroups and committees to stay informed of emerging threats, trends, and best practices.
  • Other duties as assigned.
Educational and Experience Requirements:
  • Four-year degree from a recognized post-secondary institute in Information Security, Cyber Security, Information Technology, or equivalent work experience.
  • Certifications in one or more of the following are required: CISSP, CCSP, CISM, Security+, or Microsoft certification in the areas of security design, implementation, or administration.
  • Minimum five (5) years of demonstrated experience in incident investigation, containment, and timely resolution.
  • Experience in incident handling and effective communication on Cyber Security/IT/information security breaches within a large institutional setting, ideally within an academic, unionized environment.
  • Experience in developing, implementing, and maintaining Cyber Security policies, procedures, standards, and guidelines.
  • Demonstrated success in planning, procuring, implementing, testing, and monitoring enterprise information security solutions.
  • Experience working with and managing servers, endpoints, configuration management (baselining), cloud infrastructure, endpoint and network security assessments, systems administration, network operations, and stakeholder support.
  • Leading asset inventory, configuration management, change control, and inventory of critical applications, data, and business processes.
  • Awareness of networking concepts and data centre operations (on-prem and cloud).
  • Demonstrated experience in educating and heightening awareness of Cyber Security.
Skills and Attributes:
  • Excellent interpersonal and communication skills and the ability to work effectively with, engage, and influence a wide range of stakeholders/constituents in a large, multi-site, diverse community.
  • Proven ability to mediate and resolve conflicts and find solutions in a collaborative environment.
  • Well-developed analytical, problem-solving, and evaluation skills, with experience leading complex Cyber Security projects and teams.
  • Broad leadership skills in managing a diverse team of experienced Cyber Security and IT professionals.
  • Demonstrated commitment to uphold the Polytechnic's priorities on diversity and equity.
Interview process may consist of a practical skills component.Notes:
  • The Polytechnic requires proof of degrees, credentials, or equivalencies from accredited regional or federal post-secondary institutions and/or their international equivalents. Credentials may require validation at the time of interviews or offer.
About Us:prides itself on educating students through real-world learning, in the heart of Toronto. Our faculty and employees make this vision a reality, and we support them by making George Brown a . See why we are consistently ranked as one of .George Brown Polytechnic offers hybrid work opportunities, a competitive pension plan, generous holiday and vacation time, a tuition assistance program, discounted rates for employees taking Continuing Education courses, and an equitable work environment where everyone matters.George Brown Polytechnic is committed to accommodating applicants with disabilities throughout the hiring process, in accordance with the Accessibility for Ontarians with Disabilities Act (AODA). Candidates who require accommodation in the hiring process may contact confidentially.Notice Regarding Employment Postings and Recruitment FraudIf you become aware of any job postings or employment opportunities advertised on external websites that are not currently listed on George Brown Polytechnic employment website, please report them to .Please note that George Brown Polytechnic maintains a no-fee recruitment policy. At no time will George Brown request payment, fees, or financial information from applicants as part of the recruitment or hiring process.Applicants are advised to remain vigilant of recruitment-related scams and to rely only on official George Brown communications and postings published on our official employment website.

George Brown College