Work With ORION

Information Security Officer

Summary

As pioneers of cybersecurity thought leadership in Canada’s research and education sector, ORION is committed to keeping our digital community safe by helping improve their cybersecurity posture. The successful candidate will have the opportunity to work collaboratively with cybersecurity experts across Ontario, Canada, and around the world.

ORION is a not-for-profit organization dedicated to empowering Ontario researchers, educators and innovators. We foster a community of more than two million users at more than a hundred universities, college, hospitals, and research institutions, as well as many of Ontario’s school boards. We enable ground-breaking discoveries and cutting-edge education by connecting institutions and regions through our network, facilitating collaboration, and providing our community with the digital tools and expert support they need to make the world a better place.

Reporting to the Chief Information Security Officer (CISO), the Information Security Officer will provide assistance and leadership, working in partnership with working groups to understand policies, assess security risk, and provide direction to the universities and colleges participating in shared-CISO initiative. The successful candidate will interact with members of the higher education community, keep abreast of their cybersecurity needs, and continually evolve cybersecurity programming for the higher education space.

Candidates will have excellent written and spoken communication abilities, proven leadership qualities, and an exceptional capacity to understand our community’s needs. We are looking for a team-oriented individual with strong professional ethics.

Responsibilities and Duties

  • Responsible for key deliverables of the Shared CISO Program, while providing required project management, communication, documentation, and knowledge management support
  • Provide our constituents (universities and colleges) with expert advice on cybersecurity, security guidelines that are aligned with their needs, support with security assessments and development of cybersecurity roadmaps
  • Oversee cybersecurity services being offered by ORION with assistance from external vendors ensuring communication of expectations and verification of delivery of services.
  • Supervise and manage the execution of cybersecurity mandates at ORION and our constituent institutions which may include:
    • Evaluate IT security postures and architectures
    • Develop IT security improvement programs
    • Assess security configurations for firewalls, databases, servers, work stations
    • Develop IT strategies and recovery plans in the event of an incident
    • Manage the performance of penetration tests or “red teaming” on infrastructures, networks (internal/external), physical security, wireless technologies
    • Provide guidance on IT internal audit mandates as a cybersecurity expert
    • Develop methods and processes for security development in software solutions
    • Review and document cybersecurity policies, guidelines, standards and procedures

Skills and Competencies

  • 3 to 5 years of experience in IT security, ideally as part of a higher education institution or consulting firm
  • Bachelors or masters degree in Computer Science or Information System Security
  • Passion for cybersecurity and knowledge of hacking methods, tools, tactics, and techniques
  • Understanding of common network protocols
  • Knowledge of behaviours of different types of threat actors
  • CISSP, CEH, CRISC certification or equivalent an asset
  • Knowledge of ISO27000, COBIT, NIST CSF, ITIL standards and frameworks an asset
  • Excellent analytical capacity
  • Dynamic and self-directed
  • Curiosity and well-informed of current trends in cybersecurity
  • Excellent written and spoken communication qualities are essential

Applications

Please apply to securityjobs@orion.on.ca