Security Specialist

The Kativik Regional Government (KRG), a supra municipal body with jurisdiction over the territory located north of the 55th parallel, is now looking for a self-motivated and dynamic individual interested in joining the KRG to work in the capacity of:

SECURITY SPECIALIST

(PERMANENT, FULL TIME)

Under the supervision of the Assistant-Director – Information Technology section, the Security Specialist is responsible for, without being limited to, the following responsibilities:

• Take a hands-on leading role for all aspects of KRG infrastructure security.
• Report status on activities, issues, projects, etc., to senior staff/management, including the effectiveness and efficiency of security activities.
• Help define and ensure compliance with security policies, processes, and standards to build a comprehensive cybersecurity program while applying best practices and international cybersecurity standards (ISA/IEC 62443, 27001-2, and NIST).
• Conducting cybersecurity and physical security vulnerability assessments to identify risks based on technology, organization, or operations.
• Lead cyber threat and security incident identification, protection, detection, response, and remediation activities impacting the manufacturing operations environment and escalating to management.
• Manage critical components such as firewalls, proxies, content filtering, load balancers, VPN gateways, IDS, and IPS.
• Enforce security standards and ensure day-to-day operations run smoothly.
• Propose new standards, tools, policies, and procedures to improve security, compliance, and risk management activities based on security operations findings, or security events or incidents.
• Monitor and administer security tools, including IPS/IDS, firewalls, DDoS protection, antivirus, server patching, web filtering, NAC, data loss prevention, proxy, and email filtering.
• Collaborate with System Admins, third-party sources, and suppliers to understand network security requirements, controls, policies, and threats.
• Identify opportunities to eliminate risk, enhance service capabilities, and reduce costs.
• Create network security technology infrastructure architectures to support business and technical initiatives.
• Provide expertise on network security hardware and software technologies.
• Stay up to date on information technology trends and security standards.

Qualifications

     Demonstrated experience in security awareness, with a strong knowledge of NIST or similar risk and control                frameworks for operational technology environments (CoBIT, ISO, ITIL, PCI)

• Familiarity with computer network penetration testing and techniques, with an ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Knowledge of patch management, with the ability to deploy patches in a timely manner while considering business impact.
• An understanding and knowledge of incident response.

EDUCATION

• Bachelor’s in computer science or equivalent work experience.

CERTIFICATIONS

• Security certifications (CISSP, SSCP, CISA, CISM) would be an asset.

TECHNICAL REQUIREMENTS:

• 10 plus years of relevant experience in network security and IT operations.
• Administration of Windows Server platform, Office 365 Cloud, Active Directory, Azure, InTune
• Proven experience with VMware ESXi (vSphere/vCenter) environments as well as Cloud infrastructure: Entra, AWS.
• Proven experience in Storage and Data Backup, Replication, and Recovery using Veeam, QNAP, WORK drives, etc.
• Knowledge of monitoring systems and automation, such as PRTG, Zabbix, Nagios, Ansible, Jenkins, PowerSuite, including script writing for automation
• A collaborative team player who can adapt to changing project and client needs.
• Excellent communication skills. Knows when to ask questions, seek out help, and has strong technical writing capabilities.
• A versatile problem solver that seeks to exceed expectations.
• The ability to convey complex cybersecurity concepts in a clear and understandable manner to diverse audiences.

PERSONAL QUALITIES / ABILITIES:

• Highly flexible and able to quickly adapt to changing priorities to manage strict timelines.
• Strong business acumen; change management, negotiation, and facilitation skills.
• Proven ability to collaborate, build relationships, and influence individuals at all levels in a matrix-management environment, both internal and external.
• Strong communication skills with a proven ability to understand key concepts and communicate effectively with technical staff, business stakeholders, and senior management.
• Ability to embrace continuous improvement while proposing new and/or better ways of doing things.
• Demonstrated ability to work in a fast-paced environment with a high degree of change while maintaining critical analysis.
• Ability to transfer his/her knowledge to others.
• Strong focus on customer service-oriented personality.
• Good verbal and written communication skills.
• Written and oral working knowledge of at least two (2) of the following languages:  Inuktitut, English, and French.
• Must be available to occasionally work overtime, outside office hours, and be available on-call.
• Must be available to travel in Nunavik.

Place of work:  Hybrid with travel in Nunavik

Salary:  Min. $ 63,716 – Max. $ 109,329 yearly 

Other benefits:                       

Simplified Pension Plan: 6,25% employer, 4% employee; 

Group Insurance;

Vacation: 20 days/year

Statutory Holidays: 20 days including 10 during Christmas holidays.