LeverageTek is actively seeking a Manager Cyber Security for a permanent position with its Ottawa-based customer

Work Location

• The successful candidate will work in a hybrid arrangement (2x/week onsite) - this is a mandatory requirement to be onsite a minimum of 2-days a week

Security Requirement

• None

Key Tasks:

• Reporting to the Director Information and Technology Services, the Manager Cyber Security will define the strategic direction of the organizations digital security program, ensuring security is seamlessly integrated into their services, and day-to-day activities.
• You will be accountable for the organizations Cyber Security posture, roadmap, policies, and the day-to-day operations to protect the organizations information and technology assets.
• This position will lead the design, implementation, and ongoing management of security controls.
• You will lead a team of cyber security professionals, and partner with business leaders across the organization to provide cyber security guidance, standards, oversight and support.
• You and your team will mitigate risks in our digital environment, detect threats, and respond to security incidents effectively.
• You will test these controls and make sure they are working and being followed. This role will play a role in ensuring compliance with security best practices across the digital environment.
• Develop, implement and maintain the information security program to ensure that it aligns with the organization's goals, objectives, and risk tolerance.
• Research and evaluate emerging cyber security trends, threats, and technologies and provide recommendations and insights to enhance the organizations cyber security posture and capabilities.
• Develop and maintain enterprise information security architectures and solutions.
• Build and maintain effective relationships with internal and external groups and represent security in various projects, committees and working groups.
• Lead Information Security delivery for the Organization, including threat detection, monitoring, and incident response. You will have responsibility for security input at the Security, Privacy Records and Information Governance Committee (SPRING) as well as at Digital Governance committees.
• Conduct cyber security assessments and testing ensuring that cyber security practices are working as expected and gaps/issues are identified and remediated.
• Work collaboratively with other ITS managers, business units, legal, and privacy to develop and maintain an information security roadmap.
• Establish and monitor the ongoing effectiveness of Security and Privacy design practices and ensure alignment with relevant organization Policies and procedures.
• Work with the broader Crisis Management and Business Continuity Teams to ensure effective procedures are in place to respond to a significant incident.
• Develop and test Playbooks and Incident Response Plans to ensure the organization is prepared to respond to various cyber security incident scenarios.
• Monitor constantly changing technology landscape to ensure the organizations systems and applications are well positioned to meet current and future business requirements.

Key Qualifications:

• Minimum 3-5 years' of recent and demonstrated Management experience leading, managing and coaching a team of Cyber Security and IT Infrastructure Operations professionals.
• Minimum 8-10 years' demonstrated experience in both hands-on and leadership roles with ownership, development and ongoing management of the Information Security frameworks, and information security principles.
• Strong experience with protecting a cloud based, Azure focused (but not exclusive), environment. Strong understanding and working experience with Microsoft security products is required.

Other Qualifications:

• CISSP, CISM, or GIAC or equivalent certification
• Strong understanding of NIST CSF, NIST RMF, ISO27001, SOC2 PCI DSS, ITIL
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
• Experience in developing and administering information security procedures and programs.
• Experience with Event Management/SIEM Management, and Identity and Access Management principles and systems.
• Experience completing Risk and Control Assessments for systems and applications.
• Experience developing and monitoring a Threat and Vulnerability Management program and associated systems.

Assets:

• Level of education, training and experience equivalent to a bachelor's degree in computer science, mathematics, engineering, information systems or related field or related experience.
• Programming knowledge (Phython, UNIX shell scripting, PHP, etc.)
• Strong Asset: Systems Security Certified Practitioner (SSCP)
• Strong Asset: Certified Ethical Hacker (CEH)
• Bilingualism is an asset.

About LeverageTek Staffing Solutions

• Founded in 2003, LeverageTek provides end-to-end, cross-functional staffing solutions throughout North America. We are a trusted partner to leading private and public sector organizations and experts in talent solutions that create optimal business outcomes.
• Don't let our name fool you. Our roots are in technology, but we are also a proven leader in accounting and finance, sales and marketing, human resources, supply chain, and legal talent acquisition. We offer contract and permanent staffing, executive search, talent mapping, management consultancy, and contractor payroll management.
• LeverageTek is an equal opportunity employer. We offer a welcoming and inclusive environment in service to one another, our customers, the candidates we represent, and the diverse communities we call home. We do all of this with kindness, empathy, and respect for each other. LeverageTek is committed to employment equity and creating a diverse and inclusive workplace. We welcome applications from all qualified individuals regardless of race, religion, gender, national origin, age, disability, and marital status.
• Accessibility accommodations are available upon request