Information Security Lead

Location: Montreal, QC (on-site)

Term: Permanent

High Tech Genesis is hiring an Information Security Lead to join the Information Services team. Reporting to the CSO and CIO, this role will lead cybersecurity initiatives, ensure compliance with security standards, and integrate security into all projects and services across departments.

In this role, you will:

• Review system security measures, design, and lead implementation of IT security systems and policies.

• Lead on development and delivery of measures and metrics to support the assessment, reporting and ongoing improvement of the information security posture of colleges.

• Build strong collaborative relationships with the Head of IS, Head of Software Engineering, Product Manager, and departmental Heads and Leads to support the delivery of Information Security improvement objectives.

• Work closely with college stakeholders to keep abreast of planned changes to technologies, working practices, and business activities that could have an impact on group and individual Information Security or risk profiles.

• Audit controls via a security standard such as the NIST or ISO27001, providing advice to the Head of IS and IT Managers in mitigation options, suggesting and where appropriate, putting in place measures to satisfy control requirements.

• Work with the Data Protection Officer (DPO) and DPO Assistant to ensure that the group can meet Information Security requirements.

• Manage and improve Identity and Access Management procedure.

• Use influencing skills to ensure collaborative working to engender a level of quality improvement across the group.

• Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software as part of Privacy by Design and Defaul.t.

• Manage and coordinate operational components of security incident management, including detection response and reporting.

• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk.

• Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place.

• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are following policies and audit requirements.

• Review, escalate and action any unusual event behaviour identified through the groups information security systems.

• Create standards in system hardening, change management, documentation.

• Perform periodic firewall audits.

• Ensure disaster recovery and data restoration processes work.

• Ensure appropriate Corrective and Preventative Actions are implemented in line with best practice guidance.

• A record of accomplishment in and experience of introducing Information Security Improvement through successfully designing, implementing, and improving IT security architecture and controls.

• Working technical knowledge in broad domains of IT infrastructure such as data networks, cloud server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems.

• Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, Data Loss Prevention, digital certificates, encryption and authentication techniques, forensics, and LAN / WANs.

• Solid understanding of security protocols, cryptography, authentication, authorization, and security.

• High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity.

• Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (e.g.: ISO 27001/2, COBIT).

• Working knowledge of managing relationships with suppliers.

• A passion for information security and a keen interest in IT.

• Demonstrable experience of leading and working as part of a team.

Bonus skill:

• Bilingual English and French written and spoken

High Tech Genesis Inc. is an Equal Opportunity Employer.Diversity and inclusion are at the core of our values. Please advise High Tech Genesis of any accommodation measures you may require.

Please be advised:

1. Applicants must have the legal right to work in Canada.

2. Kindly submit your resume in MS Word format upon application for this position.