ORION is a not-for-profit organization dedicated to empowering Ontario researchers, educators and innovators. We foster a community of 1.7 million users at more than a hundred universities, colleges, hospitals and research institutions, school boards and regional innovation centres across the province. We enable ground-breaking discoveries and cutting-edge education by connecting institutions and regions through our network, facilitating collaboration and providing our community with the digital tools and expert support they need to make the world a better place.
As pioneers of cybersecurity thought leadership in Canada’s research and education sector, ORION is committed to keeping our digital community safe by helping improve their cybersecurity posture. ORION is directly engaged in providing cybersecurity support and advice to approximately 40 universities and colleges in Ontario, and for some institutions in other provinces.
As a workplace, ORION has a culture of inclusion, mutual respect and teamwork. Equity and diversity are an integral part of our commitment to innovation, connectivity and community. We encourage applicants from women, persons with disabilities*, Indigenous peoples, racialized people and others who may contribute to the further evolution of our network.
- This position reports directly to the Chief Technology Officer (CTO)
Salary and Benefits
- Flexible work-from-home policy
- Comprehensive benefits package
- Career-training and development
- Generous holidays/vacations
- Many other perks
What we need
Reporting to the Chief Technology Officer (CTO), the ON-CHEC Security Officer (Governance, Risk & Compliance) will provide assistance and leadership, working in partnership with working groups to develop security guidelines, assess security risk, and provide direction to the universities and colleges participating in ON-CHEC (Ontario Cybersecurity Higher Education Consortium). The successful candidate will interact with members of the higher education community, keep abreast of their cybersecurity needs, and continually evolve cybersecurity programming for the higher education space.
Candidates will have excellent written and spoken communication abilities, proven leadership qualities, and an exceptional capacity to understand our community’s needs. We are looking for a team-oriented individual with strong professional ethics.
- Responsible for key deliverables of the ON-CHEC Program, while providing required project management, communication, documentation, and knowledge management support
- Provide our constituents (universities and colleges) with expert advice on their cybersecurity program & roadmap and framework that are aligned with their needs,
- Manage the execution of mandates which are a part of the ON-CHEC program which may include:
- Provide strategic advice to institutions on governance, risk, and compliance aspects of cybersecurity
- Support and manage the collection of security self-assessment responses
- Write monthly security digests for ON-CHEC members
- Oversee and manage sharepoint portal for the ON-CHEC program
- Manage and develop content for the monthly ON-CHEC webinars
- Manage and coordinate ON-CHEC working group activities
- Evaluate security postures, frameworks and roadmaps
- Advise on Information security programs
- Advise on strategies and recovery plans in the event of an incident
- Advise on IT internal audit mandates as a cybersecurity expert
- Advise on methods and processes for security development in software solutions
- 3-5 years of experience in Information security, ideally as part of a higher education institution or consulting firm
- Bachelors or Masters degree in Computer Science or Information Systems Security
- CISSP, CEH, CRISC, CISM certification or equivalent an asset
Knowledge and Skills
- Passion for cybersecurity and knowledge of attack methods, tools, tactics, and techniques
- Experience in, or appreciation of, the unique challenges and risks faced by the higher education sector in Canada
- Knowledge of NIST CSF, CIS top 20 controls, ISO27000, PCI-DSS standards and frameworks an asset
- Experience as a participant in cybersecurity risk assessments, development and implementation of a cybersecurity roadmap
- Knowledge of behaviours of different types of threat actors
- Excellent analytical capacity
- Dynamic and self-directed
- Curiosity and well-informed of current trends in cybersecurity
- Excellent written and spoken communication qualities are essential
Please apply to firstname.lastname@example.org with subject line: ORION ON-CHEC Security Advisor
* Accommodations are available on request for candidates taking part in all aspects of the selection process.