Information Security Officer, Threat Management

Position Details

Position Information

Position Title Information Security Officer, Threat Management

Department/Unit Information Security

Location Halifax, Nova Scotia, Canada

Posting Number S260-23

Employee Group DPMG

Position Type Regular, On-Going

Duration of Contract (if applicable)

Employment Type Full Time

Full-time Equivalency (FTE) 1.0 FTE

Salary Commensurate with training and experience.

Classification ADM-07

Provisional Statement

This is a provisional classification. Formal regular review classification procedures may be initiated at any time by the incumbent or supervisor after the incumbent has worked a minimum of six months in the role.

About Dalhousie University

Dalhousie University is Atlantic Canada’s leading research-intensive university and a driver of the region’s intellectual, social and economic development. Located in the heart of Halifax, Nova Scotia, with an Agricultural Campus in Truro/Bible Hill, Dalhousie is a truly national and international university, with more than half of our almost 21,000 students coming from outside of the province. Our 6,000 faculty and staff foster a vibrant, purpose-driven community, that celebrated 200 years of academic excellence in 2018.

Job Summary

Information Technology Services ( ITS ) is dedicated to a constructive, team-orientated environment, gathering varied perspectives, sharing knowledge, and building effective partnerships that enable our partners to achieve their goals by advising, providing solutions, and delivering service excellence in alignment with the University’s mission and goals. Reporting to the Chief Information Security Officer ( CISO ), the Information Security Officer, Threat Management will be responsible for leadership in the development of threat visibility, incident management standards and playbooks, major incident coordination, and vulnerability management.

Key Responsibilities

• Develop vulnerability management standards, KPIs, and vulnerability/risk visibility within the organization, coordinating with CISO on institutional efforts.
• Develop methods, tools, and intelligence, and consult across the university community regarding threat visibility. Deliver education on vulnerability management, threat detection, and threat methods.
• Manage strategic coordination of incident response efforts for major incidents, including coordination of all operational teams across the university units.
• Engage with a broad range of technical groups inside and outside of the university to advise on developing threat and vulnerability risk assessment visibility, operational incident methods, and governance/compliance reporting.
• Assess and manage incident response quality control on university information systems and information assets. Audit actions and outcomes in real-time. Provide tactical and strategic course corrections to all involved university teams.
• Lead the design, development and implementation of new incident management standards, procedures, and playbooks in collaboration with key stakeholders and service providers.

Note

The successful applicant will be eligible for hybrid work (combination of in-person work on campus and remote work) as agreed by all parties based on operational requirements and university guidelines.

Required Qualifications

• In-depth knowledge of IT practices, processes, controls, risk and governance frameworks as well as a broad knowledge of IT support environments, IT infrastructure, endpoint device management, networks, and cloud service environments.
• Demonstrated commitment to ongoing formal and self-study to remain current with best practices in multiple disciplinary areas.
• Experience relevant to information security systems and implementation and the demonstrated ability to learn technically complex environments.
• Demonstrated solid communication (verbal and written), negotiation and presentation skills.
• Proven ability to problem-solve, and assess risks on complex, multidimensional initiatives and projects with excellent judgement, initiative, and follow-through.
• Undergraduate degree in relevant field (e.g Information Security, Information Management) plus a minimum of seven to ten years relevant experience (or equivalent combination of training and experience).
• Completion of industry security certifications ( GIAC /ISC2 or related security designations), or a willingness and ability to achieve relevant information security designations within 3-5 years.

Assets

• Demonstrated experience in large-scale incident management.
• Experience in a post­secondary or public-sector environment.
• Experience involving engagements with senior leaders and decision-makers.
• Experience in a complex, multi-platform IT environment.

Job Competencies

The successful candidate is expected to demonstrate proficiency in Dalhousie’s core and leadership competencies (https://www.dal.ca/dept/leaders.html), in particular:

• Thinking and Acting Strategically
• Self-Awareness & Professionalism
• Relationship Building
• Integrity
• Respect & Inclusion

Additional Information

Dalhousie University supports a healthy and balanced lifestyle. Our total compensation package includes a defined benefit pension plan, health and dental plans, a health spending account, an employee and family assistance program and a tuition assistance program.

Application Consideration

Applications from current university employees and external candidates are assessed concurrently. Current university employees will be given special consideration.

We sincerely appreciate all applications and note that only candidates selected for an interview will be contacted directly by the hiring department or Human Resources.

Diversity Statement

Dalhousie University commits to achieving inclusive excellence through continually championing equity, diversity, inclusion, and accessibility. The university encourages applications from Indigenous persons (especially Mi’kmaq), persons of Black/African descent (especially African Nova Scotians), and members of other racialized groups, persons with disabilities, women, persons identifying as members of 2SLGBTQ+ communities, and all candidates who would contribute to the diversity of our community. For more information, please visit www.dal.ca/hiringfordiversity .

Posting Detail Information

Number of Vacancies One (1)

Open Date 06/23/2023

Close Date 07/24/2023

Open Until Filled No

Special Instructions to Applicant

Quick Link for Direct Access to Posting https://dal.peopleadmin.ca/postings/14103