Change Management à Canada

NOTE : MUST HAVE

NICE TO HAVE

Cyber Security and Privacy 55%

10 years experience with cyber security processes and regulations and standards preferably for the public sector or broader public sector.

10 years experience with cyber security and privacy audits and assessments including :

o Threat risk assessments

o Cyber security assessments

o Assessments of cyber security governance risk and compliance (GRC) programs

o Privacy impact assessments

10 years experience evaluating technical and administrative controls producing cyber security and privacy findings and risk logs / reports and preparing remediation plans preferably for the public sector or broader public sector.

o Experience using maturity models (e.g. CMMI NIST-based proprietary models) to evaluate cyber security capabilities.

10 years experience applying cyber security industry frameworks such as NIST Cyber Security Framework (CSF) v1.1 / v2.0 CIS Controls v8 COBIT and ISO 27001

o Experience working with the new NIST CSF v2.0

10 years of demonstrated experience applying privacy frameworks such as the NIST Privacy Framework ISO / IEC 27701.

Excellent knowledge and exposure to Internet of Things (IoT) security issues.

Excellent knowledge of Ontario federal and international privacy laws applicable to the Ontario K-12 sector (such as Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) Canadian Privacy Act General Data Protection Regulation (GDPR) etc.).

Knowledge of Bill 194 and EDSTA 2024.

Communication Skills and Experience 25%

Strong communication skills as demonstrated through :

10 years experience in presenting technical concepts to executives management teams and diverse stakeholder audiences

10 years experience in preparing written materials (e.g. security and privacy reports status reports recommendations briefing notes) and translating technical findings into clear actionable reports.

Industry Certifications / Relevant Degrees 15%

Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)).

Privacy certification is preferred (Certified Information Privacy Technologist (CIPT) Certified Information Privacy Manager (CIPM) or Certified Information Privacy Professional (CIPP)).

Public Sector Experience 5%

5 years of hands-on experience working in large public sector environments. Preferably experience working with the Ontario K-12 education sector.

Applied experience with Ontarios cyber security standards. The security standards (GO-ITS 25.X) can be found on the Government of Ontario information technology standards website :

Knowledge of Government of Ontario relevant legislation (e.g. Bill 194 / EDSTA).

Key Skills

Abinitio,Change Management,Exploration,Building Maintenance,Civil Quality Control,Catia

Employment Type : Full-time

Experience : years

Vacancy : 1