Specialist, IT Cyber Security Operations, Information Technologies

Position Overview

Architecture and Security Team within Information Technologies is currently seeking a Full-time Regular Specialist, IT Cyber Security Operations.

The Security Operations team is responsible for the planning and implementation of security measures designed to protect the staff, capital assets, and proprietary information of the University by providing strategic direction, tactical management, emergency planning, and advisory services. The IT Security team provides leadership and technical guidance to both IT and Client departments on the identification and mitigation of risk. In addition, this team is the primary responder to any issue that may lead to disruptions within the organization as such they are responsible for creating and implementing processes and solutions for the detecting, investigating and mitigation of security incidents that could impact the University.

The position reports to the Lead, Cyber Security Operations. The position is subject to high stress and requires balancing multiple priorities with tight deadlines. There may be a requirement for after-hours work, depending on the nature of the projects and initiatives currently underway.

Position Description

Summary of Key Responsibilities (job functions include but are not limited to):

Requirements Gathering

• Work with customers, IT Partners, Project Managers, and representatives from various faculties/departments on campus to understand cyber security requirements or issues
• Researching and defining cyber security standards

Project Management/Supervisory

• Work with the leadership team to define annual goals and objectives for themselves
• Lead as an escalation point and organize the team through challenging issues with the goal of root cause determination and build a remediation plan to resolve issues
• Work with the architecture or project teams to build tasks, and track the work required for the security items on projects to ensure timely completion of deliverables from their team
• Ensure all systems are aligned with the IT´s architectural and security standards and roadmaps
• Actively participate in assigned projects delivering consulting, installation and support services
• Assisting and contributing to the success of a project deployment with regards to the cyber security operations
• Operational upgrades coordination and implementation for security operational products
• Lifecycle management of hardware and software assets

Documentation

• Responsible for ensuring all documentation is detailed, accurate, timely, and meets the requirements of the project stakeholders and operational excellence. These documents may include, but are not limited to:
  • Consolidated design, showing both logical and physical layout
  • Security incident SOPs
  • Standard operating procedures for daily activities
  • Security application setup and configuration
  • Service catalog request items
  • Security Incident handling and tracking
  • Release documentation
  • Support documentation, FAQs, known issues, errors
  • Requests for Change
  • CMDB add/change/remove data
• Develop technical documentation, standards and guidelines

Technical Expertise

• In depth knowledge of cyber security processes, tools and frameworks
• In depth knowledge of incident response and investigative procedures
• In depth knowledge of security tools including Threat Detection, IPS/IDS, Encryption, Certificate Services, End Point Protection, Web application firewalls and SIEM technologies
• In depth knowledge of Identity Access Management
• Broad knowledge of enterprise systems, operating systems, and hardware platforms
• Broad knowledge of storage technologies, local storage, Arrays, SAN's, IP-Storage, NAS, File Systems
• Broad Knowledge of Cloud Infrastructure
• Design and develop new technologies that align with vendor roadmaps or future trends in the industry that apply to the server infrastructure environment
• Lead the cyber security process using his/her own technical expertise and challenge their team members on their technical recommendations where needed and appropriate
• Expected to have a working knowledge of a wide range of cyber security, server, storage, and network systems
• Provide input for technology roadmap sessions and work with IT Architecture to develop new standards to drive innovation in the cyber security service realm
• Take on responsibility for self-study and learning to remain well-versed in a wide range of security technologies and systems
• Administer and provide technical support for SIEM, PAM, security tools for forensics, etc
• Build and ensure staff follow technical documentation, standards and guidelines
• Provide cyber security guidance and escalation to direct reports and operational teams
• Taking corrective action to ensure confidentiality, integrity and availability of services to minimize downtime to the operations environment
• Drawing on experience and knowledge of Enterprise IT environment to propose a temporary work-arounds with aim of mitigating impact to production system if security issues arise
• Build the procedures to effectively remediate all security incidents with the intent of minimizing the business impact and restoring operational capabilities as soon as possible in conjunction with the operations team

Qualifications / Requirements:

• University degree or professional certification such as CISSP, CISM, CISA, GIAC, PCI, etc required
• Minimum of 5-7 years of recent related experience equivalent to the above
• Knowledge of published security and privacy standards (ISO, NIST, PCI, PIPA)
• Senior knowledge of cyber security technologies including SIEM, IDS/IPS, DDI, etc
• Senior knowledge of network technologies such as DNS, DHCP, TCP/IP, routing, firewalls
• Senior knowledge of operating systems technologies
• Physical and Virtual server knowledge and skillset
• Ability to raise, facilitate, escalate and resolve security events
• Ability to communicate clearly and concisely to diverse audiences, in both oral and written form
• Capable of working on concurrent projects and managing conflicting priorities
• Ability to translate technical jargon into business-friendly language
• Working knowledge of Microsoft Office products
• Ability to maintain confidentiality with having routine access to sensitive information and maintaining confidence of the organization´s information
• ITIL v3 Foundations certification is an asset

Application Deadline: July 23, 2020

We would like to thank all applicants in advance for submitting their resumes. Please note, only those candidates chosen to continue on through the selection process will be contacted.

Additional Information

This position is classified in the Professional Career Band, Level 3 of the Management and Professional Staff Career Framework.

To find out more about management and staff opportunities at the University of Calgary and all we have to offer, view our Management and Staff Careers website .

About the University of Calgary

The University of Calgary is Canada’s leading next-generation university – a living, growing and youthful institution that embraces change and opportunity with a can-do attitude. Located in the nation’s most enterprising city, the university is making tremendous progress on its Eyes High journey to be recognized as one of Canada’s top five research universities, grounded in innovative learning and teaching and fully integrated with the community it both serves and leads. The University of Calgary inspires and supports discovery, creativity and innovation across all disciplines. For more information, visit ucalgary.ca .

The University of Calgary recognizes that a diverse staff/faculty benefits and enriches the work, learning and research experiences of the entire campus and greater community. We are committed to removing barriers that have been historically encountered by some people in our society. We strive to recruit individuals who will further enhance our diversity and will support their professional success while they are here. We encourage all qualified applicants to apply, however preference will be given to Canadian citizens and permanent residents of Canada.