Lead the development, deployment, and management of cyber performance measurements through the lens of operational, strategic and finance related metrics.
Lead in the development of processes to support key metrics, key performance indictors and key risk indictors.
Assembles and analyzes data for reports, ensures data and calculations are accurate.
Prepares reports to management.
Assist in the delivery and accuracy of analytics and reporting, including executive reporting on data and trends that are used to set both strategic and tactical plans for improvement.
Assists in providing correlation between raw information technology and cyber data.
Assists in automation of the data through MS Excel, MS SharePoint, MS Access, and other database solutions.
Develops dashboards for different stakeholders (executive to working team level) to help guide leadership with actionable data.
Develops and implements detailed plans and recommends cyber security policies / procedures regarding program specific requirements. Supports service management process enhancements. Takes a proactive approach to identify gaps and opportunities to improvement.
Supervises, motivates and trains assigned project staff and contract resources, ensuring effective teamwork, high standards of work quality and organizational performance, continuous learning and encourages innovation in others.
Serves as the internal / external point of contact and subject matter expert in their respective function.
Performs oversight / coordination of cyber risk management with clients; escalates significant cyber risk matters to senior management when required.
Deals with confidential information affecting the organization and its resources. Prepares and presents reports to management.
Works with senior management within the division to address active internal / external cyber threats to the City. Attends senior management meetings, makes recommendations to mitigate the threats, and takes appropriate urgent action as needed.
Provides a confidential assessment of organizational issues and makes recommendations for next steps, including policy, procedural and structural change.
Takes a proactive approach to identify gaps and opportunities for improvement to mitigate risk.
Organizes and works with multidisciplinary business and technical teams from across the organization to formulate and execute project plans and tasks according to established project management principles and methodologies.
Provides oversight and monitors cyber risk activities performed by project teams. Reviews and supports the implementation of processes and controls by various teams as outlined in the information risk policy and related operating directives, standards and procedures.
Provides project coordination and management support, and ensures comprehensive and effective information communication across various functional and project teams.
Communicates effectively to stakeholders, clients, project managers, and team members regarding any business and technical decisions and actions that may impact solution delivery, staff performance, business processes, management workflow and technical support of public services.
Provides support in the design, implementation, maintenance, and enforcement of policies, procedures, and controls.
Plans, prioritizes and coordinates internal and / or external assigned project resources to meet project objectives.
Maintains accurate reporting of key risk metrics and associated measurements in alignment with the cyber risk appetite.
Builds and maintains strong relationships with internal and external stakeholders. Establishes relationships with strategic partners, collaborating on the advancement of cyber programs.
Maintains an up-to-date and in-depth knowledge of cyber security, emerging threats, trends, and associated techniques and technologies as well as key business drivers and opportunities.
What you must have :
Post-secondary degree in Computer Science or Technology or a related discipline.
Extensive experience with applying machine learning and other data science techniques to identify anomalous behavior patterns (e.g., user or machine anomalies).
Advanced knowledge and experience with Database, automation, and BI tools
Experience in applying data science to risk management, finance, and cyber related domains.
Experience with extracting, cleaning, and transforming data, and working with data owners to understand the data.
Design, create and maintain reports and dashboard visualizations, gather insights to support business decision making.
Experience using database languages, such as SQL, and common data scientist software development and statistical analysis tools (e.g., Python, R, Scikit-learn)
Broad understanding of information technologies with demonstrated areas of expertise.
Preferred Certifications (any in the list) : CISSP, CRISC.
Skills
Ability to work in transformative programs.
Ability to lead efficient communication between all project stakeholders, including internal teams and clients.
Ability to achieve business objectives through influencing and effectively working with key stakeholders.
Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership, and vendors.
Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
Keen attention to detail and strong organizational skills.
Highly organized, proactive, self-motivated team player who takes initiative and can work independently.
Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
Strong analytical skills and ability to prioritise and multitask.
Ability to prioritize and effectively manage competing priorities and projects.
Ability to manage multiple initiatives while adhering to strict deadlines.
Able to work extremely well under pressure while maintaining a high level of professionalism.
Self-motivated person with desire to go above and beyond tasks.
Transferable skills, like communication and decision-making, are equally important.
Being able to think on your feet and show good judgment are especially valuable in this field. “Security pros should always be ready to react to cyber-related incidents quickly.
Additional Information :
A normal work week is 35 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.
Equity, Diversity and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.
Accommodation
The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.
Salary / Rate Range : $122,305.00 to $163,639.00