IT Security Expert - Toronto, Canada - Toronto Public Library

Posted by: Sophia Lee, beBee Recruiter


Description
The IT Security Expert is responsible for the continuous improvement of TPL's information security
practice, which includes three core functions - performing threat risk assessments, continuous
improvement of the IT security governance practices, and resolving cybersecurity incidents. The
Officer has responsibility for IT security design, planning and compliance. Other tasks include
involvement in the implementation of new security solutions, participation in the creation and/or
maintenance of policies, processes, guidelines, and procedures as well as conducting vulnerability
audits and assessments. The incumbent is expected to be fully aware of TPL's security governance,
strategy, and roadmap as established by its stated policies, standards, and processes, and to work
actively towards upholding those standards.


DUTIES:

Under the general direction of the designated supervisor, and working within a team structure, this
position is responsible for:

General IT Security Functions:
Researching, recommending and maintaining up-to-date baselines for the secure
configuration and operations of all systems, whether they be under direct control or not
(e.g., workstations, servers, network devices etc.).

Serve as a key contact to work with security vendors in responding to cybersecurity
incidents and potential threats.

Researching, investigating and recommending actions for industrial and City of Toronto
security advisories.

Leading investigations into problematic activity, security alerts, incidents/breaches, risk
reports, and user reports.

Participating in the design and execution of regular vulnerability assessments, penetration
tests, and internal security audits.

Working with other colleagues in planning and defining security; working with vendors in
developing a Business Continuity Plan for IT security incidents; attending TPL Change
Advisory Board meetings to review change requests; and ultimately ensuring IT security is
part of the daily IT practices and system implementation.

Regularly presenting IT security topics in various committees or user groups and conducting
ad hoc user awareness training.

Performing other duties as assigned.


Threat Risk Assessment:
The duties include leading all aspects of threat risk assessments through coordination and
hands-on work, including the following:
Defining and recommending scope;

Collecting data through the review of policies and procedures, co-ordinating technical
resources, and running security tools;
Analysis of the adherence to policies/procedures and identifying any gaps;
Identification and analysis of threats;
Performing hands-on vulnerability analysis or reviewing external results; and
Facilitating and recommending the resolution of cybersecurity risks related to the
company's risk register.

Continuous Improvement of IT Security Governance Practices:
The duties include ensuring the improvement of the governance practice, including the following:
Maintaining the cybersecurity risk register;
Managing the cybersecurity training program;
Building the long-term strategic roadmap for IT security practice;
Aligns IT strategy and planning with the company's business goals and objectives;
Creates and communicates security strategies, capabilities and plans, including future
states and roadmaps, to all partners including the business, delivery teams, and ITS
Management;
Researches and understands industry trends and their applicability to the enterprise;
Identifies gaps in policies/procedures and recommends improvements;
Manages adherence to policies, procedures, and standards;
Monitors and creates security reports while working with the security operations groups;
Prepares the enterprise for security audits by assessing processes and documenting
evidence;
Manage the expansion of security tools; and
Conducting targeted audits and being hands-on to address any gaps.


Resolving Cybersecurity Incidents:
The duties include the resolution of cybersecurity incidents, including the following:
Monitoring and identification of cybersecurity incidents;
Collecting data and assessing the quality of evidence;
Categorization of the cybersecurity incident;
Triaging and prioritizing the cybersecurity risk;
Managing the cybersecurity incident response activities with key stakeholder groups; and
Collecting learned lessons and monitoring resolution.


QUALIFICATIONS:

Post-secondary degree in Computer Science with a focus on cybersecurity
Knowledge and practical experience of implementing and enforcing cybersecurity
standards: ISO 27001, NIST, ITSG-33, etc.
Ten (10) years of related experience or an equivalent combination of education, training,
and experience in an IT security role

Experience with security management technologies: firewalls, proxies, IPS/IDS, PAM, IAM,
vulnerability scanners

infrastructure
Working technical knowledge of SIEM as a SOC analyst
Team-oriented and skilled in working within a collaborative environment
One or more of t
