Cybersecurity Architect - Vancouver, Canada - The University of British Columbia

    Full time
    Description

    Job Summary

    The Cybersecurity Architect provides highly specialized and advanced technical expertise and mentoring in the design and implementation of security solutions based on business, security, and privacy needs. This position leads Security Threat Risk Assessments and provides subject matter expertise in the development of security standards, processes, and guidelines. Additionally, they research and identify new and emerging trends in security. The Incumbent acts as an internal solutions architect for the UBC Cybersecurity team and provides technical project leadership for internal cybersecurity projects.

    A fixed schedule is set for this role but flexibility is required as some work must be performed outside of regular business operating hours. This position may be required to participate in an on-call rotation schedule. While this position is eligible for remote work, on-campus attendance is required on a weekly basis.

    Organizational Status
    Reports to the Senior Manager, Solutions Security and Architecture. Works independently and jointly within the Solutions Security and Architecture team. Collaborates with management and staff from all areas of the Chief Information Security Officer portfolio, UBC Information Technology, other administrative and academic offices, and faculties to coordinate security activities. Interacts directly with other University technology professionals.

    Work Performed

    Architects security solutions and presents comprehensive proposals for the protection of applications and systems across all UBC properties and networks, considering functional, integration, security, privacy, availability, and scalability requirements.

    Acts as a solutions architect for internal cybersecurity projects, translating business and technical requirements into an architectural blueprint to achieve business objectives, and documents all solution architecture design and analysis work.

    Reviews the design of proposed solutions, products, enhancements, and controls, ensuring compliance with UBC Information Security Standards, and integration with existing UBC enterprise services, solutions, and governance. Presents reviewed proposals to the Senior Manager for final approval.

    Leads and conducts Security Threat and Risk Assessments (STRAs) as necessary, leveraging subject matter expertise to ensure comprehensive evaluation and mitigation of cybersecurity risks.

    Provides subject matter expertise to colleagues within the Safety and Risk Services team, aiding them in Privacy Impact Assessments (PIAs) and collaborating with them on joint STRAs.

    Engages actively as a cybersecurity subject matter expert in enterprise and community committees and project meetings, advocating for robust cybersecurity measures and fostering a culture of security awareness, regulatory compliance, and compliance with UBC Information Security Standards.

    Researches and proposes new or enhanced cybersecurity solutions to meet current and emerging cybersecurity and privacy requirements, and remains current with cybersecurity threats and industry technology.

    Reviews existing cybersecurity solutions to ensure they provide sufficient protection against current and emerging threats, and are suitable for current and emerging technologies. Discusses enhancement approaches and recommendations with Cybersecurity staff.

    May lead the implementation, testing, and validation of accepted solutions and enhancements.

    Designs and leads the implementation of automated solutions to perform regular testing of security control effectiveness.

    Develops and maintains relevant solutions documentation for Cybersecurity teams, development teams, IT operations teams, and end-users. Ensures that documentation is appropriate for target audience, and is organized, published, and distributed using established channels.

    Leads the definition and documentation of best practices for secure development, deployment and hardening of solutions and common technologies used throughout the university. Assists with implementation of best practices as required.

    Leads the development of technical communication materials and participates in strategy planning aimed at educating members of the UBC community on established security best practices and greater UBC Information Security Standards.

    Facilitates workshops and delivers targeted training.

    Maintains communication and develops relationships with the community in order to build a sound knowledge of their businesses and priorities. Develops recommendations for security solution improvements and efficiency based on client feedback.

    Works collaboratively with colleagues in Enterprise Architecture and Enterprise Data Governance to ensure Cybersecurity solutions, integrations, and data models are in keeping with the University's defined Information Security Standards, Data Standards, IT standards, and long-term strategic plans.

    Supports the recruitment of project staff and mentors, manages deliverables/outcomes of technical team members assigned to various projects.

    Describes future scenarios and related opportunities. Plans potential responses involving resource holders, peers, processes, and technology. Leads a timely response, seeking internal/external advice and consultation, and sustains progress through uncharted territories.

    Employs Strategic Technology Planning methodologies in support of research related to functional architectures and technology needs for a significant work area. Provides input to strategic technology planning. Identifies and analyzes unit's strengths and weaknesses and proposes options for investment in and ongoing maintenance of a function or work process.

    Performs other related duties as required.

    Consequence of Error/Judgement
    Effective application security is crucial for UBC to deliver secure services to its broad community. The foresight, leadership and technical expertise of the Cybersecurity Architect directly impact how UBC's applications, infrastructure, cloud providers, and cloud solutions are securely architected, developed, deployed, and operated. Poor management of enterprise-wide security projects, errors in judgement, inadequate planning, or indecisiveness will detrimentally affect the security and availability of these systems. Insecure systems could lead to system downtime or a data breach. Besides damaging the reputation of UBC Information Technology and UBC, a breach could also adversely impact the University community, including the majority of students, faculty, researchers and staff, and could significantly affect funding and revenue.

    Supervision Received
    Works under the general direction of the Senior Manager, Solutions Security and Architecture. The Cybersecurity Architect must be able to work independently and assume full responsibility for their decisions, as well as contribute actively and collaborate openly as a team member. High-level strategic guidance will be received from the CISO and Privacy and Information Security Management leadership teams.

    Supervision Given
    Provides senior level leadership for strategic security projects and initiatives. Plans, directs, and supervises work of technical project team members. May mentor less experienced cybersecurity professionals.

    Minimum Qualifications
    Undergraduate degree in a relevant discipline. Minimum of eight years of related experience including at least two years of managerial experience, or the equivalent combination of education and experience. Candidates must possess cybersecurity industry certifications from recognized bodies such as ISC2, ISACA, GIAC, or EC-Council. Preference will be given to those candidates with demonstrated cybersecurity experience in a large, research-focused, higher-education institution.

    Willingness to respect diverse perspectives, including perspectives in conflict with one's own. Demonstrates a commitment to enhancing one's own awareness, knowledge, and skills related to equity, diversity, and inclusion.

    Preferred Qualifications

    Preference will be given to those with experience architecting, implementing, supporting, securing, and remediating applications in an enterprise multi-cloud environment. Experience with the security of cloud-based environments, such as AWS and Microsoft Azure, is also preferred. A strong working knowledge of cybersecurity frameworks, models and standards such as CIS Controls, ISO 27001/2, NIST /800-37, OWASP ASVS, or COBIT is essential.

    This role demands experience with incident, request, and change management in a large, complex environment. The candidate should be willing to raise security concerns regardless of ownership or potential impact.

    The Incumbent must be capable of effectively managing all functions within the project management life cycle. Initiative-taking is valued but should be balanced with judgement about seeking input and advice from others. The ability to work independently, as part of a team, cross-functionally, and collaboratively with staff at all organizational levels is crucial.

    COMPETENCY PROFICIENCY

    Collaboration - Consistently fosters collaboration and respect among team members by addressing elements of the group process that impede, or could impede, the group from reaching its goal. Engages the "right people," within and beyond organizational boundaries, by matching individual capabilities and skills to the team's goals. Works with a wide range of teams and readily shares lessons learned and credit for team accomplishments.

    Communication for Results - Converses with, writes reports for, and creates/delivers presentations to all levels of colleagues and peer groups in ways that support problem solving and planning. Seeks a consensus with business partners. Debates opinions, tests understanding, and clarifies judgments. Brings conflict into the open empathetically. Explains the context of multiple interrelated situations, asks searching, probing questions, and solicits expert advice prior to taking action and making recommendations.

    Problem Solving - Diagnoses problems using formal problem-solving tools and techniques from multiple angles and probes underlying issues to generate multiple potential solutions. Proactively anticipates and prevents problems. Devises, facilitates buy-in, makes recommendations, and guides implementation of corrective and/or preventive actions for complex issues that cross organizational boundaries and are unclear in nature. Identifies potential consequences and risk levels. Seeks support and buy-in for problem definition, methods of resolution, and accountability.

    Accountability - Sets enhanced objectives for self and others. Monitors performance trends and identifies opportunities to improve standards. Provides regular feedback and suggests alternative approaches necessary to ensure that organizational objectives and superior standards are achieved. Delegates responsibility and reallocates resources as needed to ensure that priorities are met for initiatives within area of responsibility.

    Business Process Knowledge - Describes and documents critical cross-functional business process flows. Applies business process reengineering techniques and methods in analyzing process flow and accountability charts. Recommends and advocates substantive process enhancements and assesses both internal and external implications.

    Information Systems Knowledge - Identifies means of integrating technical support requirements with enterprise processes and strategies. Identifies technological opportunities to meet client needs. Creates information system solutions to meet the needs of business stakeholders. Partners with appropriate technical consultants, experts, and managers to resolve complex problems across all IT solutions.