INFORMATION SECURITY OFFICER
Working as part of the ITSS Team, the Information Security Officer's role is to provide vision and leadership in support of information security for UPEI. Under the direction of the Chief Information Officer (CIO) the Information Security Officer (ISO) oversees all aspects of information security. This position is responsible for the management and coordination of IT security to protect the confidentiality, integrity, and security of UPEI data assets.
The position champions the development, implementation, delivery and support of a risk-based, enterprise information security strategy aligned to UPEI's IT Strategy. The ISO ensures information systems strategies, projects and operations comply with information security. This role provides information security resources expertise, guidance, and knowledge necessary to execute strategic and operational plans across all of the university information systems.
The primary focus of this position is to develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. The ISO will develop and implement appropriate safeguards to ensure delivery of critical services. The ISO will support the ability to limit or contain the impact of a potential cybersecurity event while developing the implementation of resilience plans to restore capabilities or services that could be impacted in the event of a potential cybersecurity incident. Additionally, the role will have a strong focus on developing and delivering on user education and training across the campus community.
University degree and 5 years' work experience in Information Security (Masters preferred)
One or more of the following certifications: (GIAC Security Essentials Certification, GIAC Security Leadership Certification, ISACA Certified Information Security Manager, Microsoft Certified Systems Engineer: Security, (ISC)?2; SCCP, (ISC)?2;CISSP or (ISC)?2;ISSAP)
Enterprise security architecture design would be an asset
Creating and managing enterprise security policy, procedures, and practices would be an asset
Designing and delivering employee security awareness training would be an asset
Managing a staff of 2 to 5 individuals as well as operational and capital budgets would be an asset
Developing Technology Recovery Plans would be an asset
Securing all layers of information technology would be an asset
Working knowledge of one or more of the following: Fortigate, QRadar, Microsoft MFA, CISCO DNA., CISCO ISE, CISCO Firewall, Barracuda, Azure would be an asset
Working knowledge of Microsoft, Web development platforms, database design, and technology service planning
Work With Us
Competitive salary commensurate with qualifications and education.
3 year term (may be reduced or extended depending on performance, available funding and departmental requirements)