IT Security Architect

Duties:

Reporting to the Chief Information Officer via the Director, Information Security, the IT Security Architect will play a key role in leading the University’s cybersecurity operations and strategy. The IT Security Architect is primarily responsible for: developing and implementing cybersecurity measures, processes and controls; leading the IT Security Team, providing advice and guidance to other technical teams within IT, administrators, faculty and staff; managing and monitoring the environment for security breaches; analyzing and responding to complex cybersecurity-related alerts and incidents; monitoring system logs and network traffic for cybersecurity incidents; implementing technical projects related to the cybersecurity strategy; and actively participating in the development and implementation of the University’s cybersecurity strategy.

Responsibilities will include but are not limited to:

• Development and maintenance of the enterprise security architecture framework, contributing to development of operational and tactical plans related to cybersecurity.
• Coordinate and develop prioritized action plans for external vulnerability and penetration tests as directed, typically on an annual and bi-annual basis and implement technical resolutions.
• Provide recommendations and guidance to maintain a defensible level of cybersecurity; implement approved technical actions and recommendations.
• Develop, implement, and monitor a server and endpoint patch management strategy.
• Develop and implement cybersecurity incident response plans and lead their execution during cybersecurity events.
• Assist with the development of policy, standards, and procedures to assist your team in achieving consistent, standards focused outcomes.
• Execute test plans for new hardware and software systems to ensure functionality meets specifications and clearly document deficiencies discovered during testing phases.
• Perform analysis of potential cybersecurity solutions and prepare cost benefit reports to aid in solution selection.
• Work closely with various business and IT units to assist with cybersecurity practice, process and procedure development and documentation.
• Design and develop information systems based on supplied process diagrams and documented requirements.
• Create, maintain, and follow technical documentation.
• Create data visualizations to assist with communicating information to decision makers.
• Follow procedures to manage records and curate key operational and project documentation.
• Coordinate projects and issue resolution work with your team and other stakeholders.
• Evaluate vendor products and provide purchase recommendations to management.
• Actively engage in contributing to and accomplishing the vision, mission, and goals of the University and in supporting the aspirations and needs of our learners.
• Promote a positive work atmosphere by interacting and communicating in a professional manner that demonstrates mutual respect with students and colleagues.
• Responsible for the implementation, maintenance, and retirement of cybersecurity devices and services, and the monitoring of infrastructure components related to cybersecurity, including vulnerability management platforms, firewalls, endpoint protection, Active Directory, Azure security tools, Office 365 Advanced Threat Protection, and others.
• Conduct threat and risk analysis and provide viable solutions for them including configuration changes, system restrictions, user training, or policy and procedure improvements.
• Perform other related duties as assigned.

Required Qualifications:

Recognized four-year degree in Computer Information Systems, Information Technology, Cybersecurity or another relevant field. Security certification(s), or an equivalent combination of certifications and experience required. 6 years’ current experience in general IT and 4 years’ experience in cybersecurity or equivalent education and experience.

• Demonstrable completion of reputable course(s) related to cybersecurity practices.
• Experience in post-secondary education or the public sector is preferred.
• Ability to perform front line digital forensics and malware analysis during an incident.
• Deep understanding of risk management practices and cybersecurity frameworks (e.g. NIST).
• Ability to assess cybersecurity maturity state of VIU and contribute to the development and maintenance of a cybersecurity program for the University.
• Ability to collect relevant maturity metrics and communicate in risk terms to executives and directors.
• Understanding of identity and access management issues, such as accumulated permissions, high risk permission configurations, and distributed security.
• Experience leading projects.
• Ability to prepare and distribute progress reports.
• Familiarity with regulatory compliance.
• Ability to assess the relative strengths and weaknesses of different solutions.
• Ability to test newly implemented solutions and provide constructive feedback.
• Familiarity with structured approaches to system configuration management.
• Ability to collect clear, accurate and thorough systems requirements.
• Experience using project management tools to manage project tasks.
• Ability to provide assistance and advice to less experienced members of your team and other IT teams.
• Ability to follow pre-defined procedures to create, update and maintain assets in asset tracking systems.
• Demonstrated commitment to service excellence and teamwork.
• Ability to work effectively and cooperatively with a diverse group of individuals or departments.
• Excellent communication skills, both written and verbal.

VIU is pleased to offer eligible employees a comprehensive benefit plan; ample paid holiday time; professional development opportunities and a desirable pension plan. As part of the VIU campus community, our employees work with supportive colleagues within an encouraging environment and are provided with the tools and training that promote learning and development. The perks of VIU employment are multiple, and include well-being initiatives and services, strategic discounts, and flexible work opportunities.

Note:

• Short-listed candidates must provide original transcripts, or applicable original certifications at time of interview.
• All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority.
• Vancouver Island University (VIU) is collectively committed to building and sustaining a diverse and inclusive working and learning environment for faculty, staff, and students. In our journey towards greater diversity, we invite applications from members of equity-seeking communities including women, racialized and Indigenous persons, persons with disabilities, persons of all gender identities and sexual orientations who bring value to the VIU community through their lived experiences. We encourage members of all equity-seeking groups to self-identify within their application cover letter. When a candidate voluntarily discloses this information in their cover letter, the information will be used only for the fulfillment of the career opportunity. Disclosure and/or self-identification with an equity-seeking group will not lead to advantageous treatment of a candidate who is not qualified.

#J-18808-Ljbffr