This job posting has expired.

Here are some similar positions.

Manager, Security Operations Centre

December 5 2021
Industries Education, Training
Categories Information Technology, Consultation, Business analyst, Security, Continuity, Risk
Kingston, ON

We are seeking an experienced security operations leader to lead the team that provides situational awareness through the detection, containment, and remediation of cybersecurity threats facing the university. The Manager of the Security Operations Centre works with a team of skilled IT security professionals to ensure that threats and incidents are properly identified, analyzed, communicated, investigated and reported. This key role is also accountable for the integrating new solutions and services production, supporting the change and release management processes.

This role requires a knowledgeable cybersecurity professional who is interested in operationalizing distributed cybersecurity policies, processes and technologies amongst the various departments and faculties that make up Queen's University. To be successful in this position, you will need to embrace a diverse digital landscape, be able to communicate effectively with all levels of the organization when sharing findings and providing remediation plans grounded in cybersecurity best practices. You'll also be expected to build relationships and collaborate with colleagues from industry and across the higher education sector.

As a critical thinker able to distinguish real from perceived threats, you have a deep understanding of the ever-changing cybersecurity environment from our campus in Kingston, Ontario or remote. If you're looking to take on a leadership role in this fast-paced environment, we look forward to hearing from you.


Oversees Security Operations Centre
• Manages the Security Operations Centre (SOC). Responsible for the effective and efficient operations of the SOC including data collection, report generation, incident monitoring/response, monitoring system performance, communications, education, and vulnerability management.
• Manages system, process improvement, and the quality assurance program.
• Writes and reviews executive and technical reports.
• Oversees the triage of security events and incidents, and facilitates communication within the SOC, and with IT and the Incident Response Team.
• Manages multi-disciplinary teams during the resolution of security incidents and works with other IT Managers to manage availability of resources.
• Responsible to oversee incident response activities for Cloud or on-premise environments, collecting data, coordinating, recording and reporting on activities and decisions as well as documenting progress throughout the incident response life-cycle.
• Collaborates with Security Engineering to deploy and maintain network security monitoring and assessment tools.
• Maintains a gap analysis of SOC capabilities and advocates for enhancements.
• Provides regular communication and status of incidents to stakeholders.
• Designs, establishes, maintains, and optimizes processes, tools and activities in support of the Cybersecurity Program, including preparation, detection, analysis, containment, eradication and post-incident review.
• Sets the objectives of the Security Operations Centre and is responsible for continual service improvement techniques and best practices supported by standard reporting of the services delivered by the unit.

Oversees Service Transition
• Plans and prioritizes the main activities required to efficiently transition new solutions and services into production, predominantly those requiring involvement across multiple units within the Directorate of Service Operations, in close collaboration with a diverse group of service owners, service managers, service teams, planners, and project managers.
• Acts as the prime interface for the Directorate of Service Operations for major service transition planning and reporting.
• Determines the scope and policies for overall service transition, ensuring that they are clearly documented and effectively communicated to all stakeholders.
• Sets quality requirements, selects and adopts best practices that will assist IT Services in delivering significant benefits by facilitating the service transition of business operations and processes, including decommissioning, and discontinuing services, applications, or other service components.
• Coordinates the cross-functional overall design and on-going maintenance of all service transition processes to ensure that they will work together with tightly integrated interfaces to meet the overall needs of the business. Ensures that the policies, processes, and procedures are integrated with existing policies, processes, and procedures within and across the university.
• Maintains records and provides management information on resource use, project/service transition progress, budgeted and actual spend.
• Manages and coordinates the functions that are involved in service transition such as configuration management, knowledge management, change management, and release management.
• Coordinates and schedules service transition activities across projects, suppliers and service teams. Ensures that standards and procedures are followed during implementation of information systems.
• Ensures that the final delivery of each service transition meets the agreed customer and stakeholder requirements specified in the service design package.

• Leads employees by promoting a professional, supportive and inclusive work environment.
• Plans, prioritizes and manages the department workload and provides strategic and tactical advice, guidance and coaching. Identifies staffing resource requirements and participates in the hiring process.
• Establishes performance standards, reviewing and evaluating performance and conducting formal performance reviews on a consistent basis.
• Assesses staff training and development requirements to meet or exceed performance standards.
• Investigates, addresses and resolves employee/labour relations issues, including disciplinary matters. Recommends an appropriate course of action including discipline, discharge and probationary termination.
• Required to be available after hours for emergency contact and to support the team during any significant incidents, upgrades or project implementations.
• Understands IT industry best practices, standards, and resources to ensure continuous optimization of IT delivery effectiveness.

• University degree in Computer Science, Computer Engineering, IT Management, IT Security or related field combined with several years of management experience including training, development, corrective action and scheduling.
• CISSP, SECURITY+, Microsoft Azure, SANS, and ITIL certifications are considered an asset.
• Experience solving complex problems, organizing workload with a strong result orientation, and interacting effectively at all levels.
• Experience leading discussions and working effectively with senior management level.
• Experience with and strong ability to prioritize and execute tasks and make sound decisions in emergency situations.
• Knowledge of network protocols, enterprise architecture, and network security systems and products.
• Knowledge of security operations/procedures, analytical products and ITIL fundamentals for Service Management.
• Excellent verbal and written communication skills including experience in writing technical documentation.
• Consideration may be given to an equivalent combination of education and experience.

• Building Relationships: builds constructive working relationships characterized by a high level of acceptance, cooperation, and mutual respect.
• Business Acumen: builds strong business acumen by sustaining a strong customer service perspective.
• Change Management: champions change and fosters the team and environment for change.
• Collaboration and Teamwork: promotes collaboration and commitment within a team to achieve goals and deliverables.
• Communication: displays confidence and articulates a clear message when interacting with diverse audiences utilizing excellent verbal and written communication skills.
• Client Orientation: builds and maintains a client-centric culture by working closely with the customer while maintaining a high level of client satisfaction.
• Decision Making & Judgement: relies on experience, thinking several steps ahead in deciding the best course of current/future actions to develop, recommend policy framework based on analysis of emerging trends.
• Integrity: earns others' trust and respect through consistent honesty and professionalism in all interactions.
• Initiative: acts to address problems, focuses on results and desired outcomes and how best to achieve them and gets the job done.
• Leadership: sets clear, meaningful, challenging, and attainable common goals and expectations that are linked to the mission, vision, values and goals aligned with the organization and strives to achieve them.
• Planning & Organizing: executes proposed actions within predetermined timelines against organizational goals. Develops and integrates current/future plans to achieve the overall organization goals.
• Strategic Perspective: develops and proactively implements long term organizational goals, considering the competitive landscape, that will move the organization forward.
• Innovation: develops creative ideas that provide solutions to all types of workplace challenges.
• Driving for Results: demonstrates a desire to meet and exceed one's own performance objectives. Not accepting the status quo, takes a calculated risk to improve the organization's performance.
• Developing Others: enables team members to grow and succeed through consistent constructive feedback, and encouragement.
• Self-Development: displays an ongoing commitment to learning and self-improvement to enhance the performance of the team.

• Determines development and support requirements, contributes to the development of strategic plans and objectives, and participates in budget planning and decision‐making as a member of the broader IT Services Leadership Team.
• Decides, where authority is delegated, on appropriate actions for reacting to information security incidents that may jeopardise the assets, responsibilities or reputation of the University.
• Advises administrators on security operations issues and make recommendations to staff regarding the acquisition and implementation of security systems and monitoring tools.
• Plans new initiatives within the Unit, and upon request, technological initiatives for other units and departments. Determine project guidelines and timelines.
• Allocates time and resources such that objectives are achieved, operational requirements are met, or to ensure project completion, based on the priority of current workloads. Makes decisions on completeness of all related development and support assignments, relative to planning timelines and project work plans. Decides how work may be assigned based on the skill sets, competencies and workloads of the team members. Appropriately prioritizes, implements and oversees responses to urgent or emergency situations.
• Makes human resource management decisions. Determines staffing resource requirements and team priorities and objectives to ensure the quality of services is both effective and aligned to planned work.
• Works as a member of the IT Services Management team, determines approach to ensure all areas are supporting each other and collectively meeting IT Services goals.
• Determines when to advise or involve the senior management.
• Evaluates job candidates and makes effective recommendations on suitable hires.
• Makes decisions and/or effective recommendations regarding transfers and promotions.
• Evaluates employee performance and decides on appropriate training or coaching to address lack of proficiency in carrying out responsibilities, or remedial action for staff disciplinary situations.
• Assesses investigation outcome of grievances and makes effective recommendations on appropriate course of action or next steps on grievances.
• Makes effective recommendations on level of discipline up to discharge and probationary termination. network