Senior Manager, Cybersecurity
STEM
Full Time Senior-level / Expert USD 112K - 140K
University of Ottawa
Job Type: Employee
Duration in Months (for fixed-term jobs): 24
Job Family: IT Infrastructure and Systems
# of Open Positions: 1
Faculty/Service - Department: EECS_PM
Campus: Main Campus
Union Affiliation: N/A
Date Posted: December 05, 2024
Applications must be received BEFORE: December 16, 2024
Hours per week: 35
Salary Grade: Non-Union Grade NM2
Salary Range: $112,957.00 - $140,190.00
About the Faculty of Engineering
The Faculty of Engineering strives to provide a learning environment that promotes excellence and innovation, ethical practice and responsibility towards society. Our workplace will challenge, energize and motivate you to be your very best while providing opportunities for career growth and professional development. Our work makes a world of difference in the lives of our students, who will become the next generation of leaders and change makers of our society. Our dynamic community is dedicated to building innovations that will not only help the advancement of technology, but solutions that will revolutionize the industry. We look forward to making the future TOGETHER!
*This position may be eligible for a telework arrangement; see the University's telework guidelines.
Position purpose:
Provides expertise and leadership in the development of cybersecurity solutions for the uOttawa-IBM Cyber Range. Contributes to strategic planning and development and plays a vital role in the design, development, and implementation of an overall security risk management strategy for the Cyber Range; this includes developing simulation and testing protocols over a variety of complex systems. Directs and manages a team of skilled technical engineers. Provides security operations management for users, both internal and external. Supports the research team in developing, maintaining, and enhancing the proof-of-concept tool.
The uOttawa-IBM Cyber Range is a unique learning, training and research facility that allows students, researchers, and companies to work in a realistic and immersive environment to learn how to protect against cybersecurity threats.
In this role, your responsibilities will include:
Security Risk Management: Develops and maintains a comprehensive cyber risk management framework. Continuously identifies, assesses, and mitigates client cyber risk exposure; implements and maintains robust risk management practices. Understands malware kill chain & hands-on-keyboard attacks.
Vulnerability Assessment: Conducts regular security assessments and identifies vulnerabilities in the systems. Ensures accurate and efficient classification of malicious and suspicious behaviors. Elements include (but are not limited to) mapping Indicators of Compromise (IOCs) to the MITRE ATT&CK matrix, and configuring and authoring classification rules, for both Endpoint and Cloud scenarios, to identify malicious and suspicious use of Tactics, Techniques and Procedures (TTPs).
Risk Analysis and Mitigation: Assesses potential risks and develops strategies to mitigate these risks for the Cyber Range. Analyzes real-world kill chains to discover new TTPs and gaps in coverage. Evaluates the impact of different threats and devises plans to counteract them. Builds & maintains playbooks on threat actor TTPs.
Team Lead: Directs and manages a team of skilled technical staff. Oversees security operations including continuous security monitoring, incident response and remediation, and the use of threat intelligence to ensure timely detection and mitigation of cyber threats, risks, and vulnerabilities.
Customer Engagement: Serves as the primary cybersecurity contact with users and clients. Provides expert advice and support to clients on cybersecurity matters and ensures a high level of customer satisfaction with Cyber Range solutions. Contributes to active engagement with the security ecosystem through papers, presentations, and blogs.
Monitoring Systems: Continuously monitors networks and systems for potential security breaches or suspicious activities. This involves analyzing logs and reports generated by security tools to detect anomalies. Measures and tunes TTP coverage through data mining, customer telemetry & internal sandbox feeds.
Development of Security Protocols: Creates and implements security protocols and best practices to fortify the Cyber Range’s defenses. This includes building realistic training scenarios based on known and newly identified TTPs. Builds and maintains complex, realistic simulations of large virtualized networks on both CITEF and Field Effect.
What you will bring:
- PhD in Computer Science, Information Technology, or a related field, with a specialization in Cybersecurity and Artificial Intelligence
- Minimum 10 years’ experience in cybersecurity, software development lifecycle, large-scale computing, modelling, and/or anomaly detection
- Specialization or working experience in at least one of the following domains: penetration testing, forensics investigation, malware analysis
- Experience in leading a team of skilled technical staff
- Ability to provide feedback to project teams in non-technical terms and to communicate technical concepts to users
- Academically recognized author of security research papers
- Deep understanding and knowledge of the attack tools and frameworks commonly used by red teams
- Security Operations Center (SOC) or blue team experience involving the hunting and discovery of adversaries in enterprise environments
- Experience working with and manipulating large data sets (i.e. billions of events per day).
- Background in the modern attacker kill chain, MITRE ATT&CK, and emerging enterprise threats, including attacks against AI systems
- Proficiency in at least one programming language such as Python, C#, or C++
- Proficiency in at least one query language such as KQL, SQL, Cypher.
- Proficiency in virtualization and containerization technologies
- Experience with Ansible
- Expert Linux user
- Knowledge of project management concepts and methods, and experience in planning and managing cross-functional projects and teams
- Training in teaching (train the trainer) and/or teaching experience considered an asset
- Bilingualism - French and English (spoken and written)
Key Competencies at uOttawa:
Here are the required competencies for all of our employees at uOttawa:
Planning: Organize in time a series of actions or events in order to realize an objective or a project. Plan and organize own work and priorities in regular daily activities.
Initiative: Demonstrate creativity and initiative to suggest improvements and encourage positive results. Is proactive and self-starting. Show availability and willingness to go above and beyond whenever it is possible.
Client Service Orientation: Help or serve others to meet their needs. This implies anticipating and identifying the needs of internal and external clients and finding solutions on how to meet them.
Teamwork and Cooperation: Cooperate and work well with other members of the team to reach common goal(s). Accept and give constructive feedback. Able to adjust own behaviour to reach the goals of the team.
The University of Ottawa embraces diversity and inclusion in the workplace. We are passionate about our people and committed to employment equity. We foster a culture of respect, teamwork and inclusion, where collaboration, innovation, and creativity fuel our quest for research and teaching excellence. While all qualified persons are invited to apply, we welcome applications from qualified Indigenous persons, racialized persons, persons with disabilities, women and LGBTQIA2S+ persons. The University is committed to creating and maintaining an accessible, barrier-free work environment. The University is also committed to working with applicants with disabilities requesting accommodation during the recruitment, assessment and selection processes. Applicants with disabilities may contact hrtalentmanagement@uottawa.ca to communicate the accommodation need. All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority.
Note: if this is a union position: The hiring process will be governed by the current collective agreement related to the union affiliation noted above.
If this is a front-line position with responsibilities to interact with students, selected candidates must be rated at the Low Advanced proficiency level or higher for both oral comprehension and reading comprehension in their second official language. The rating is determined by a proficiency test designed by the Official Languages and Bilingualism Institute.
Prior to May 1, 2022, the University required all students, faculty, staff, and visitors (including contractors) to be fully vaccinated against Covid-19 as defined in Policy 129 – Covid-19 Vaccination. This policy was suspended effective May 1, 2022 but may be reinstated at any point in the future depending on public health guidelines and the recommendations of experts.
Perks/benefits: Career development Equity / stock options Team events