Cybersecurity Consultant 5987
Foilcon
Toronto, Ontario, Canada
80 $-100 $ / heure (estimé)
Temporaire
Description :
The Specialized IT Consultant, Level 3, role requires extensive knowledge and experience with both cyber security and privacy controls to reduce the impact of evolving cyber threats in the Ontario K-12 school board environment.
This resource is responsible for, but not limited to :
- Performing cyber security and privacy assessments to identify vulnerable areas of the K-12 school boards including :
- Threat risk assessments
- Cyber security and risk assessments
- Privacy impact assessments
- Developing school board-specific, prioritized action and remediation plans to support K-12 school boards in improving their cyber resilience and risk posture.
- Providing hands-on subject matter expertise and implementation guidance to support enhancements of cyber protection for K-12 school board networks, including improvements recommendations in :
- Cyber security
- Privacy protection for minors
- Providing subject matter expertise and advice in improving cyber protection processes, including supporting the development of cyber security standards for K-12 school boards.
- Providing guidance for mitigation strategies following root cause analysis of security or privacy breaches in the K-12 school board networks.
- Providing subject matter expertise, guidance and support to K-12 school boards cyber security personnel by producing risk logs, and proposing remediation actions.
- Presenting to various stakeholders, as needed.
- Delivering on other duties as assigned.
- Providing status and project status reports on all other deliverables assigned.
This work involves working in close partnership with the K-12 education sector. The resource may need to travel the same day or overnight in Ontario.
Requirements :
Cyber Security and Privacy 55%
- 10+ years’ experience with cyber security processes and regulations, and standards, preferably for the public sector or broader public sector
- 10+ years’ experience with cyber security and privacy audits and assessments including :
- Threat risk assessments
- Cyber security assessments
- Privacy impact assessments
- 10+ years’ experience producing cyber security and privacy risk logs and preparing risk remediation plans, preferably for the public sector or broader public sector
- 10+ years’ experience applying cyber security industry frameworks such as NIST CSF v1.1, COBIT, CIS Controls v8 and ISO 27001
- Knowledge of the new draft NIST Cyber Security Framework v2.0
- 10+ years of demonstrated experience applying privacy frameworks such as the NIST Privacy Framework, ISO / IEC 27701
- Excellent knowledge and exposure to Internet of Things (IoT) security issues
- Excellent knowledge of Ontario, federal and international privacy laws applicable to the Ontario K-12 sector (such as Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), Canadian Privacy Act, General Data Protection Regulation (GDPR) etc.)
Communication Skills and Experience 25%
Strong communication skills as demonstrated through :
- 10+ years’ experience in effectively presenting to management teams and external stakeholders
- 10+ years’ experience in preparing written materials (e.g., security and privacy reports, status reports, recommendations, briefing notes)
Industry Certifications / Relevant Degrees 15%
- Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM))
- Privacy certification is mandatory (Certified Information Privacy Professional (CIPP))
Public Sector Experience 5%
- 5+ years’ hands-on experience working with Ontario’s public sector or Ontario’s broader public sector
- Applied experience with Ontario’s cyber security standards. The security standards (GO-ITS 25.X) can be found on the Government of Ontario information technology standards website : https : / / www.
ontario.ca / page / information-technology-standards#section-6 .
Il y a plus de 30 jours