Support the IT infrastructure with specific emphasis on Information Security. Assure the confidentiality, integrity and availability of all data and IT infrastructure components. Research, design and implement hardware and software security solutions.
Duties and Responsibilities:
- Plan, implement and oversee the operation of the University information security protection program.
- Manage response to security incidents (e.g. data breaches). Aggregate, correlate and analyze data.
- Audit to ensure compliance with established regulations, standards, policies, procedures, and configuration security guidelines.
- Manage information security vendor assessments, security attestations, re-certifications, audits, risk assessments, security testing.
- Design, implement and integrate security information and event management (SIEM), log management, anomaly detection, and configuration and vulnerability management.
- Design and implement information security solutions/infrastructure.
- Manage information security risks. Assess risk strategies to manage risk. Provide solutions for remediation and compensating controls.
- Plan and implement identity and access management/governance.
- Review and analyze security device configurations and policies.
- Participate in defining, implementing and measuring security awareness and training.
Education and Experience:
Three (3) years related experience
Other Qualifying Skills and Abilities:
Desired: Certification: CISSP, or CISA, or Master’s Degree in Information Systems Security (MASc) or Certificate in Security Analysis and Information System from HEC. Possess breadth of knowledge of IT and information security concepts, practices and standards, networks, data, systems, databases, applications and identities. Possess expertise in identity and access governance/management, network/data security, protection and countermeasures, risk management, auditing, incident response, forensics, and security/penetration testing. Demonstrated mastery of security tools. Experience in programming, batch processing. SQL Language and database administration is a definite asset. Demonstrated business acumen, process-oriented thinking, communication skills, project management, time management, self-reliance and strong technical writing skills. Well organized with ability to prioritize to meet regular deadlines. English and French, spoken and written.
Background checks: Criminal background and financial (annual)
Oncall rotation may be required.
How to Apply:
Please submit your cover letter and curriculum vitae, clearly indicating the reference number, to IT Services:
careeropportunity.its [at] mcgill.ca
*Current employees: please indicate your McGill ID number in your application.*
We thank all applicants for their interest in McGill University. However, IT Services will only contact applicants selected for an interview.
The masculine is used to lighten the text, without prejudice to the feminine form.
In order to maintain internal priority, McGill employees must apply within the delays specified in the MUNACA collective agreement for positions covered by the collective agreement or according to the personnel policies for positions covered by the personnel policies.
McGill University hires on the basis of merit and is strongly committed to equity and diversity within its community. We welcome applications from racialized persons/visible minorities, women, Indigenous persons, persons with disabilities, ethnic minorities, and persons of minority sexual orientations and gender identities, as well as from all qualified candidates with the skills and knowledge to productively engage with diverse communities. McGill implements an employment equity program and encourages members of designated groups to self-identify. Persons with disabilities who anticipate needing accommodations for any part of the application process may contact, in confidence, accessibilityrequest.hr [at] mcgill.ca or 514-398-3711.