Information Security Specialist (Two Positions)

Date Posted: 11/15/2024
Req ID:40696
Faculty/Division: Temerty Faculty of Medicine
Department: MedIT
Campus: St. George (Downtown Toronto)

Description:

Home to over 40 departments and institutes, the University of Toronto's Temerty Faculty of Medicine lies at the heart of the Toronto Academic Health Science Network and is a global leader in ground-breaking research and education, spanning clinical medicine, basic science and the rehabilitation sciences sectors.

MedIT provides information technology support for the Temerty Faculty of Medicine. Our mission is to partner and collaborate with clients, University, and third parties to determine value based, sustainable technology solutions that enable the Faculty to achieve its academic mission. MedIT aims to provide enterprise IT services for the Temerty Faculty of Medicine, with a strong focus on utilization of the Microsoft 365 Platform.

As Information Security Specialist, you will collaborate closely with the Manager, Information Security to contribute to the development and implementation of strategic and tactical planning of Temerty Medicine’s Information Security programs. Additionally, you will be responsible for promoting and training MedIT’s community on Information Security programs. You will also develop and manage incidents in accordance with incident management procedure.  In conjunction, you will undertake reviews and audits of the IT systems and services to ensure that potential threats or uncompromised access are mitigated. You will act as a Project Manager for IT projects that contain Information Security components, to ensure that projects achieve the security goals and controls of MedIT. 

Essential Qualifications

• University degree in technology-related discipline including but not limited to Computer Science, Computer Engineering or acceptable combination of education and experience. 
• Minimum 7 years’ directly related work experience in a high-volume, large, strategic enterprise level IT environment, including at least two years working with Information Security as a significant focus of activity. 
• Requires broad and in-depth knowledge of industry innovations and state-of-the-art technology in both computing and networking arenas. 
• Strong and/or expert understanding of client and server application deployment and support, client and server activity tracking, and IT Architecture concepts and security methodologies.
• Experience auditing systems for compliance (PCIDSS, PA-DSS, etc.). 
• Experience drafting information security standards and guidelines, assessing risk management, and determining controls. 
• Experience in administering enterprise-level Unix-based server applications. 
• Strong scripting skills required including Shell, bash, Python, and/or other interpreted languages. 
• Experience configuring databases and database-backed applications (SQL Server, MySQL). 
• Extensive experience with intrusion detection and prevention including using network and security analysis tools.
• Experience in selecting, configuring and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.). 
• Experience running penetration testing and vulnerability scanning (Metasploit, Nessus, etc.). 
• Experience with deploying, configuring and securing virtualized environments, and services running in it. 
• Excellent project management, team lead and facilitation skills.
• Excellent knowledge of process development, process design, process integration, client services development, systems analysis, specifications techniques and implementation strategies.
• Strong knowledge of information security, data governance, risk management, and compliance best practices with the ability to be a forward thinker and active observer of trends across industries.
• Excellent oral and written communication skills with the ability to produce high-quality and comprehensive communications materials.
• Adept at conforming to shifting priorities, demands and timelines through analytical and problem-solving capabilities.
• Strong ability to elicit cooperation and collaboration from a wide variety of sources, including upper management, stakeholders, and other departments.
• Excellent conflict resolution skills with strong ability to exercise judgement, tact, discretion, and determination.
• Adept at conducting research into technical or project-related issues and products, to continually improve processes and solutions as technology changes.
• Adept at quickly learning, understanding, and applying new technologies and process frameworks.

Assets

• Project Management Professional (PMP) certification or training in project management. 
• IT Security certifications held or in progress, such as CISSP, CISA, ISO Audit, CRISC
• ITIL certification held, in progress or training

Please Note:

• We are hiring for two (2) full-time continuing positions. 

Closing Date: 12/06/2024,11:59PM ET
Employee Group: Salaried 
Appointment Type: Budget - Continuing 
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 3 -- Hiring Zone: $91,937 - $107,259 -- Broadband Salary Range: $91,937 - $153,227
Job Category: Information Technology (IT)