This job posting has expired.

Senior Security Architect/Engineer

September 10 2020
Industries Education, Training
Categories Information Technology, Engineering, Systems architect, Design, Security, Continuity, Risk, Computer Engineering, Software Engineering
Kingston, ON

The Information Technology Services department is growing its IT security team tasked with designing, building, configuring, testing and deploying security technologies in a diverse and decentralized technology landscape. The newly-created role of Senior Security Architect/Engineer works closely with other security specialists to investigate information risk, facilitates remediation of identified vulnerabilities and as a member of the Incident Response Team, addresses security incidents affecting the university community.

As the Senior Security Architect/Engineer, you are the go-to problem-solver with a known willingness to share your expertise. You are experienced collaborating with peers in the areas of network, cloud and data engineering. You are committed to supporting the architecture and development of a resilient digital environment. Your depth of knowledge in project planning, organizational change management and evaluating current state equipment, platforms, protocols, systems and tools position you to drive results and recommendations for security architecture and security technologies that meet the strategic goals and digital demands of the higher education bring-your-own-device environment. You bring value to your team and contribute to the success of transformative initiatives well into the future.

If you thrive in a space where no two days are alike, and if you have a limitless curiosity about security technologies, we want to hear how you will bring to life the role of Senior Security Architect/Engineer.

• Stays current with relevant advances in security technologies, gains a deep understanding of the University's strategic goals and delivers the future state security architecture.
• Leads and participates in requirements gathering and analysis.
• Performs scoping and translates customer business requirements into technical specifications and scoping documents.
• Produces feasibility and effort estimates.
• Plans solution design and delivery steps, deployment phases, and quality assurance guidelines.

Design & Engineer:
• Designs secure, robust, capable security technologies for the University.
• Translates requirements into detailed design documents and technical specifications document.
• Develops architecture documents to ensure solutions proposed by various internal teams, third party vendors and/or customers meet customers' technical and functional business requirements that adhere to all industry and customer specified standards.
• Analyzes data to ensure network capacity meets the current and future security requirements; tests new protocols and security technologies, and develops a strategy for implementation.
• Configures and tests the performance of security systems elements.

Transition to Operations:
• Delivers security capabilities and service transition documentation.
• Provides Tier 3 troubleshooting.
• Provides technical leadership and knowledge transfer to technical staff that supports the campus security capabilities.
• Identifies training activities to develop skills for Tier 1-3 technical support.
• Defines and documents scope of work for multiple projects and activities with varying levels of complexity, timelines, and importance within the team.
• Coordinates with the service operations teams for project implementation.
• Participates in implementation, verification, and acceptance testing of new security capability hardware, software, services, or functionality.
• Produces and maintains detailed technical documentation (architecture, operations procedures, and specifications).
• Develops and deploys automated operational tools to facilitate the management of security systems.
• Provides management and executive team members with reports on project status, accomplishments, milestones, and challenges.
• Participates in change management procedures, and weekly meetings.
• Provides technical consultation to both internal and external teams.
• Establishes and maintains partnerships with teams and vendors involved in projects.
• Works with vendors and stakeholders to understand product and solution roadmaps.
• Develops and documents security architecture reference material.
• Manages changes to the project scope, project schedule, and project costs using appropriate verification techniques.

• Understands IT industry trends, business trends, IT best practices, standards, and resources to ensure continuous optimization of IT service delivery.
• Provides ongoing coaching to team members for current assignments and develops them into positions in which they will succeed. Sets goals that requires continuous improvement of performance through constructive feedback, cross-training and skill development.
• Acts as a professional, promoting a supportive and inclusive work environment.
• Provides work direction, and technical/functional guidance to staff. Schedules and assigns work, and oversees its completion. Coordinates and monitors work flow.
• Schedules and approves, or recommends the approval of, employees' hours of work, overtime and absences. Monitors and oversees employee attendance.
• Participates in screening and interviewing job candidates, and providing input into staff selection.
• Reviews assignments and provides feedback on work to employees. Provides input on work performance to management staff.
• Provides orientation and on-the-job training to employees in the unit. Provides coaching and feedback on work quality issues, providing related day-to-day supervision. Escalates unresolved performance and/or disciplinary matters to management.

Continuous Improvement:
• Mentors IT Services and customers on adherence to security capabilities design and service architecture guidelines.

• University degree with a concentration in computer engineering, electrical engineering, computer science or related field combined with several years IT security or information security experience with a proven ability to engage with all levels of management.
• Strong experience in leading and managing professional and technical staff.
• Advanced IT experience with network security, operating system security, Internet/web security, DLP, anti-malware, IDS/IPS, penetration & vulnerability testing, cyber security, and the ability to read and understand vulnerability bulletins, and security event data.
• Experience in conducting IT compliance assessments upholding standards and processes.
• Professional certification: CISSP is desirable.
• Knowledge of common implementation technologies and protocols, for example, SIEM, IdAM, Unix scripting, LDAP, Radius, SSO, VDI, databases, Active Directory and web stacks on Linux and Windows.
• Experience in developing security architecture and integrating security capabilities in a complex environment.
• Experience with multiple networking protocols and topologies, operating systems, Internet technologies (Domain Name Service, Email, Public Key Infrastructure) and fluent with IT security technologies.
• Excellent verbal and written communication skills including experience in writing technical documentation.
• Consideration may be given to an equivalent combination of education and experience.

• Building Relationships: builds constructive working relationships characterized by a high level of acceptance, cooperation, and mutual respect.
• Business Acumen: builds strong business acumen by sustaining a strong customer service perspective.
• Change Management: champions change and fosters the team and environment for change.
• Collaboration and Teamwork: promotes collaboration and commitment within a team to achieve goals and deliverables.
• Communication: displays confidence and articulates a clear message when interacting with diverse audiences utilizing excellent verbal and written communication skills.
• Client Orientation: builds and maintains a client-centric culture by working closely with the customer while maintaining a high level of client satisfaction.
• Decision Making & Judgement: relies on experience, thinking several steps ahead in deciding the best course of current/future actions to develop, recommend policy framework based on analysis of emerging trends.
• Integrity: earns others' trust and respect through consistent honesty and professionalism in all interactions.
• Initiative: acts to address problems; focuses on results and desired outcomes and how best to achieve them and gets the job done.
• Leadership: sets clear, meaningful, challenging, and attainable common goals and expectations that are linked to the mission, vision, values and goals aligned with the organization and strives to achieve them.
• Planning & Organizing: executes proposed actions within predetermined timelines against organizational goals. Develops and integrates current/future plans to achieve the overall organization goals.
• Strategic Perspective: develops and proactively implements long term organizational goals, considering the competitive landscape, that will move the organization forward.
• Innovation: develops creative ideas that provide solutions to all types of workplace challenges.
• Driving for Results: demonstrates a desire to meet and exceed one's own performance objectives. Not accepting the status quo, takes a calculated risk to improve the organization's performance.
• Developing Others: enables team members to grow and succeed through consistent constructive feedback, and encouragement.
• Self-Development: displays an ongoing commitment to learning and self-improvement to enhance the performance of the team.

• Determines when to make security changes to production networks/systems, which affect users across campus.
• Determines the timing of resolving security problems. Develops timely solutions to avoid major administrative problems caused by security breaches.
• Acts as consultant to campus customers and make recommendations on methods of doing work under current procedures.
• Confidentiality is paramount; therefore, aptitude to differentiate what information is sharable when and to whom.
• Determines when to involve senior staff in resolving complex or sensitive systems problems.
• Allocates time and resources to ensure project completion, based on the priority of tasks on hand.
• Assesses the suitability of job candidates and recommends the most appropriate person for hire.
• Determines priorities and makes decisions about staff utilization and the assignment of work to achieve optimum efficiencies and productivity.
• Assesses employees' training needs and makes recommendations for internal or external training to attain proficiency.
• Monitors and assesses output and the quality of employees' work, and recommends need for formal training or development plans to management and identifies possible staff performance and/or disciplinary issues.
• Deals with operational problems that occurs outside of working hours to avoid major customer impact.
• Plans new initiatives within IT Services and, upon request, for other departments. Determines project guidelines and time lines. network