Technology Security Specialist (Open to current City of Victoria employees only)

Job Description

 

 

Technology Security Specialist

 

Competition Number:         25/89

Posting Scope:                   Internal (Open to current City of Victoria employees only)

Posted Date:                       May 6, 2025

Closing Date:                      May 13, 2025, 4:30 PM PST

 

Department:                        Information Technology

Posting Type:                     Continuous (Regular Full-Time)

Work schedule:                  Monday to Friday ( 35 hour work week)

 

Salary:                                 $ 61.37 per hour, Pay Grade 19 (under review)

Job Code:                           4315

Employee Group:               This is a CUPE Local 50  position

Number of Vacancies:       1

 

 

WORK FROM HOME

The successful candidate for this posting may be eligible for participation in a hybrid, work from home arrangement in alignment with the City’s Work from Home Policy. Such arrangements are determined with each employee and subject to change based on operational needs and policy direction. 

 

FLEX

The successful candidate for this vacancy would participate in a modified work week, earning a flex day off each bi-weekly period by working additional time each day. Modified work weeks established in accordance with the CUPE Local 50 Collective Agreement and are subject to change.

 

Position Summary:

 

Under the general direction of the Cybersecurity Manager, the Technology Security Specialist is responsible for the design, implementation and review of the City of Victoria’s cybersecurity program. The Technology Security Specialist supports policy and standards development, implements controls and reporting to aid in compliance with cybersecurity frameworks. They assist in the creation of roadmaps and conduct assessments of existing application architectures and infrastructure to enable the City to continuously improve and mitigate technical debt and risk across the Enterprise landscape.

 

Key Duties:

Cyber Security Functions

• Responsible for overall implementation of security functions associated with Information Technology applications, communications and computing services.
• Research, develop and implement processes and reporting to measure and respond to cybersecurity related events and incidents.
•  Gather and assess information to determine appropriate cybersecurity strategies that align with goals and objectives of the corporate strategic plans. 
• Participate in various internal and external committees involving business continuity.
•  Work across departments to prioritize security initiatives and spending based on analysis of risk management. 
• Build and participate in exercises and training pertaining to emergency plans.
• Assessing, designing and implementing technical solutions and policies in environments that impact City wide solutions.
• Monitor, assess impact, affect change and communicate regulatory requirements which affect information security governance. 
• Monitor network access by running metrics reports on usage and implementing outcomes of network audits. 
• Ensure compliance with security measures, particularly within payment card industry and work with external auditors to address contraventions,
• Participate in or at times lead investigations related to security events, incidents and breaches, that may focus on internal or external resources.
• Provide recommendations regarding security incidents and breaches and guidance regarding security policies and standards. 
• Work with consultants on security audits and associated reporting. 

 

Continuous Improvement and Innovation

 

The Technology Security Specialist collaborates to ensure proactive and adaptive strategies to address evolving cyber threats, including:  

• Collaborating across the IT Department and other City Departments to communicate the corporate security vision, foster collaboration and enhanced levels of enterprise security through information sharing and cooperation.
• Implementing and reporting on the IT security awareness and training program for City staff.
• Researching, evaluating, design and recommending current and emerging security technologies, solutions, and best practices to enhance the City's security posture while staying abreast of the latest security trends, threats, and developments through active participation in professional networks and associations.
• Works closely with the City’s external contracted Security Operations Centre (SOC) and acts as the point of contact between both organizations, working collaboratively with SOC analysts.

 

Perform other duties where qualified.

 

INDEPENDENCE

• Work is reviewed through discussions with Manager.
• Issues such as major system changes, expenditures, and policy matters are discussed with Manager with recommendations.

 

WORKING CONDITIONS

Physical Effort:

• Sit with arms unsupported while keyboarding. (often)

Mental Effort:

• Long periods of intense concentration while preparing reports, recommendations, performing reviews and testing application software. (often)
• Meet multiple deadlines with conflicting priorities. (often)

Visual/Auditory Effort:

• Focus on a variety of source data and computer for short periods. (often)

Work Environment:

• Office.

 

KEY SKILLS AND ABILITIES

• Knowledge of key security standards including but not limited to NIST, ISO, CIS CSC, PCI, and DSS.
• Proficient in DevOps environments with a demonstrated ability to work in an Agile team.
• Ability to communicate effectively with stakeholders, verbally and in writing.
• Ability to work effectively with multi-disciplinary teams which include customer stakeholders, project managers, business analysts, and developers.
• Proficient with Azure technologies to support the Microsoft 365 line of business applications.
• Proficient in architecting solutions leveraging Azure Entra Active Directory.
• Proficient in diagramming enterprise architectures at various levels of detail for the organization.
• Familiarity with Web Services such as SOAP, REST, WCF, ASP,.Net, Web API.
• Strong analytical and problem-solving skills.
• Strong time management, prioritization, and organizational skills.

 

 

Qualifications:

• Graduate Degree in computer science, information systems, computer engineering or related field. An equivalent combination of education and experience may be considered.
• Cybersecurity related Certification. (12 weeks)
• Certified Information Systems Security Professional (CISSP) certification or equivalent is an asset.
• Additional post-secondary education in cybersecurity or a related field is an asset.

 

Experience:

• At least 4 years’ experience in information technology, including 2 years of relevant work experience in cyber security in an enterprise or corporate setting with:

• relevant experience architecting and implementing cyber security solutions that leverage a combination of both on premises and cloud environments and;
• experience modernizing legacy applications and solution architecture.

• Experience with architecting and implementing solutions related to public sector and/or experience with implementing and maintaining compliance with key security standards (such as NIST, ISO, CIS CSC, PCI DSS) is an asset. An equivalent combination of education and experience may be considered.

 

OTHER:

• May be requested to substitute in a more senior position.

 

 

To apply for this opportunity, you will need to create an online profile or log back into our career portal at www.victoria.ca/jobs - only online submissions will be considered. All applications must be submitted online by 4:30 pm on the closing date noted on the posting. Please be prepared to provide proof of qualifications as outlined in your resume. 

 

The City of Victoria is committed to integrating equity, diversity, inclusion, and accessibility into our programs, policies, spaces, and services. Our goal is to cultivate a diverse and inclusive workforce that reflects the community we serve and aim to become. Individuals who are Indigenous, racialized, immigrants, persons with disabilities, 2SLGBTQIA+, or facing any additional barriers are encouraged to apply. Accommodations will be available upon request throughout the application and selection process. 

 

If you require assistance, please email us at careers@victoria.ca.