IT Security Architect
IT Security ArchitectFinance & Technology – Information Technology and GIS Division
Status Exempt Management
Salary Range $88,447 - $104,056 annually (2016 rates)
Review of applications begins 4:00pm on June 25, 2018, but the position will remain open until filled
The IT Security Architect leads the operation, support and maintenance of the CRD’s IT security management strategy. The position is responsible for analysing and evaluating controls, leading and performing security assessments, and is responsible for risk and compliance management and reporting, including; risk assessments, System Security Plans, Security Assessment Reports and Vulnerability Assessments.
Key Accountabilities / Position Outcomes
- Provides specialized expertise, consulting and training to all areas relevant to corporate security both within the IT department and working with corporate stakeholders.
- Oversees, develops, and administers policies and procedures for effective vulnerability management which includes: Identifying, coordinating mitigation steps and the monitoring and reporting results of all known mitigation efforts.
- Leads, implements and administers the CRD’s electronic risk management profile, including developing standards, protocols and data loss prevention recommendations.
- Provides leadership, oversight and strategic direction to departmental and corporate initiatives and programs within area of security responsibility.
- Liaises with external organizations to coordinate and verify sound security measures.
- Conducts security risk assessments both at the enterprise and system level, producing and communicating a Security Scorecard on a regular basis.
- Assists in security incident response planning and practice. Cooperation with other Protective Services functions to create a common and documented security posture.
- Develops, leads and participates in security awareness and corporate training initiatives.
- Stays current on modern security strategy including all laws and regulations which have impacts on the corporation.
- Responsible for the leadership and management of employees and contractors within area of responsibility, including employment and labour relations matters involving: employee hiring, promotion, demotion and other personnel matters; discipline and discharge; representing management in the grievance procedure; input on behalf of management into labour relations matters, and representing management on committees; maintaining Employer confidentiality; and developing, supporting and implementing various corporate and legislated policies, procedures and practices.
- Degree in computer science, information systems or computer engineering plus a minimum of eight (8) years experience in Information Technology including a minimum of five (5) years’ of Information Security experience. Must be Certified Information Systems Security Professional (CISSP) certified.
Role-specific Knowledge, Skills & Abilities
- Expert knowledge of TCP/IP and associated protocols
- Experience working in a complex IT environment Including prior experience in at least one of the following:
- Application development
- Network engineering or operations
- System administration
- Expert skills in Active Directory architecture and administration
- Strong technical skills in policy management
- Advanced Microsoft Windows Networking operating and diagnostic skills with sound network management principles.
- Thorough knowledge of Canadian Provincial and Federal laws pertaining to information security
- Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO/IEC 27001:27013, CIS CSC, PCI DSS
- Experience with Data-Loss Prevention and IPS/IDS systems
- Experience using security scanners and remediating vulnerabilities (e.g. Nessus, etc)
- Active Directory authentication methods, script writing and registry expertise
- Superior troubleshooting and analytical skills
- Excellent communication (verbal and written), interpersonal and customer service skills are required
To apply for this exciting opportunity, please submit your resume and covering letter online at www.crd.bc.ca under “Careers”. The CRD wishes to thank you for your interest and advises that only those candidates under active consideration will be contacted.
Appendix – Leadership Profile
Leadership Profile: CRD Leaders are champions for creating an accountable, high performance, service oriented organization that makes a difference in our community. They pay attention to shifts and trends in an ever-changing and complex environment and think strategically to serve residents, businesses and local governments today while developing a sustainable organization for the future.
Leadership Summary: Leaders at this level are generally recognized as fully qualified professionals who apply their in-depth knowledge and experience and best practice in their own discipline to respond to a wide range of moderatelycomplex and complex problems and situations. They interpret and respond to client needs and improve products or services in their own area. Working with minimal direction, they monitor and control costs within their own work, explain difficult issues to establish consensus, and promote teamwork, potentially coaching and guiding others.
CRD Leadership Competencies: While CRD Leaders are accountable to all Leadership Competencies, the following have particular relevance to this position:
Thinks strategically when analyzing issues, making decisions and prioritizing actions, including:
- Takes an organizational perspective
- Ensures client and stakeholder interests are considered
- Aligns decisions and actions with the CRD strategic plan
- Assesses social, economic and environmental trends for opportunities and challenges
Is Accountable for Results
Aligns the people, resources and systems necessary to deliver business results, including:
- Takes personal accountability for actions and outcomes in own area of responsibility
- Delegates appropriately to achieve results
- Empowers others to be accountable by setting clear outcomes, checking-in regularly, and providing mentoring to ensure goals are met
- Celebrates individuals/teams successfully delivering outcomes
Focuses on Service
Maintains a focus on service (internal and external) including:
- Solicits information and feedback from clients and uses it to continually improve service
- Ensures decisions and changes align with our core business and serve the client
- Models a personal commitment to making a difference for clients
- Empowers employees to be accountable by removing barriers to service
- Recognizes and rewards employees for finding ways to improve service