Manager, Information Security

About Durham College

Durham College (DC) prepares students to be career-ready graduates through dynamic hands-on learning, innovative programs led by industry experts, well-being and academic supports and a vibrant campus community.  DC is proud to be one of the fastest-growing colleges in the province and is annually ranked as one of the GTA’s Top 100 employers. Together, we’re leading the way. 

The college offers a wide range of market-driven programs across multiple disciplines, including culinary management, farming and horticulture, business, IT, construction and trades, science and technology, health care, engineering, social and community services, justice, media, art and design.

With a focus on experiential learning, DC graduates are known for having the skills and knowledge employers need. More than 104,000 alumni represent the college, both locally and around the world.

Serving the Durham Region and Northumberland County communities for over 50 years, with campuses in Oshawa and Whitby, the college offers over 12,500 full-time post-secondary and apprenticeship students access to more than 145 full-time post-secondary programs – including four honours bachelor degrees and nine apprenticeship programs. Led by over 1,860 full- and part-time staff, DC has an estimated annual economic impact of more than $913 million on Durham Region.  

About IT Services

IT Services is the central IT division of Durham College which provides shared IT services to both the college and Ontario Tech University.

Three separate departments within IT Services are responsible for respectively providing (i) the IT infrastructure, (ii) the enterprise applications, including the ERP system (Banner), and (iii) IT user support services such as the service desk, level 2 technical support, etc. A director leads each of these departments.

Duties and Responsibilities

Reporting to the Director, Information Security and based in the Office of the AVP, Information Technology, the Manager, Information Security will oversee information security of all operations and infrastructure, either directly or in conjunction with system administrators.  This involves analysis of relevant security logs, alerts and vulnerability assessments.  In addition, the manager will be involved in the maintenance of security tools and technology, either directly or in conjunction with the infrastructure team.

The incumbent helps define and ensure adequate controls and settings are implemented within security realms, such as firewalls, data protection and auditing, patching, encryption, vulnerability scanning, and pen testing. This is achieved by liaising with the teams that oversee the proper deployment, configuration, and functioning of these systems.  They work across IT Services and departments in the college and university to lead and facilitate information security improvements. 

The incumbent will oversee internal and external policy compliance.  Our employees and vendors must understand and comply with any cybersecurity risk management policies and operate within that framework. The manager will oversee regulation compliance such as PCI data or other personally identifiable information.

This position works with other departments within the college and university to reduce risk.  In conjunction with the Director, Information Security the incumbent will assist with and maintain the security incident response plan and ensure cybersecurity remains on the organizational radar of both Durham College and Ontario Tech University.  The manager will work closely with the IT management team to ensure a secure information technology environment.

Qualifications

1. Minimum four-year degree in computer science, information technology, or information management.
2. CISSP certification is required.
3. ITIL certification and CISM or CISA certifications are an asset.
4. Minimum 7 years of relevant experience and involvement in information security in an enterprise IT environment.
5. 5 years’ experience in information security management and/or related functions (such as an IT audit) in an enterprise environment.
6. Specialized knowledge in IT infrastructure security, application security, endpoint security, data encryption, business continuity, vulnerability testing, forensic analysis, cloud architectures, and PCI compliance.
7. Broad knowledge of servers and operating systems, advanced administration practices, enterprise services such as email and directory services, ERP systems, cloud hosting and relevant ITIL processes.
8. Proven strong project management and people management, including experience managing external vendors.
9. Strong leadership, written and verbal communication and interpersonal skills.

Annual Salary: $92,710 - $123,614

Please apply below by submitting your cover letter and resume to the online portal.  Job Competition closes at 4:00p.m. on June 9th, 2023. Competition number AD23-07R.