Information security officer Jobs in North York, ON

Date Posted : 01 / 09 / 2025

Req ID : 41263

Faculty / Division : Faculty of Arts & Science

Department : Information and Instructional Technology

Campus : St. George (Downtown Toronto)

Description : About Us :

The Faculty of Arts & Science is the heart of Canada’s leading university and one of the world's most comprehensive and diverse academic divisions. The strength of Arts & Science derives from our combined teaching and research excellence in the humanities, sciences and social sciences across 29 departments, seven colleges and 46 interdisciplinary centres, institutes and programs.

We can only realize our mission with the dedication and excellence of engaged staff and faculty. The faculty's diversity of opportunities and perspectives reflects the local and global landscape and the need for curiosity, innovative thinking, and collaboration. At Arts & Science, we take pride in our legacy of innovation and discovery that has changed how we think about the world.

The Faculty’s divisional IT team, Information & Instructional Technology (IIT) and local, departmental IT teams are a crucial source of support for faculty teaching, research and administrative operations. IIT works closely and collaboratively with institutional teams as well as local IT teams to champion and support technology initiatives as well as provide some key division wide IT services. In addition, IIT supports the technology needs for numerous departments, centres, schools and institutes including day to day computing, infrastructure fulfillment (systems, networking and data centre), public web services and application development. We are a well-respected, service-oriented team that aims to deliver timely support and quality work, imperative for the smooth operation of our faculty.

Your Opportunity :

Reporting to the Director, Information & Instructional Technology and with input, as required, from a dotted-line reporting relationship to the Chief Information Security Officer (CISO) of the University, the Manager, Information Security provides program management, strategic leadership and initiative management for the faculty’s Information Security and IT Risk Programs. The Information Security Manager will be responsible for developing new division-wide security and risk programs and working collaboratively to help drive, implement, document and support the security of the faculty’s technology. The Manager supports both divisional and departmental IT teams to ensure that technology delivery is aligned with institutional guidelines, priorities, and direction.

This is an inaugural role which will help unify and motivate teams as well as explore and address the best and most effective approaches to driving a productive and focused risk and security culture. More specifically, the Manager provides strategic and tactical planning as well as technical project management which includes the evaluation, design, development, implementation, reporting, and overall management of numerous initiatives; some initiatives may be technically hands-on.

Working in alignment with other profile holding IT leaders, the Manager will be capable of overseeing technically savvy team members, managing team priorities and productivity and covering all aspects of business, HR and operational needs including financial management, budgets, procurement, contracts and intake. The Manager will draw from institutional, industry and peer best practices and maintain up-to-date knowledge of technology and advances and directions in IT security and IT risk, continually evaluating the performance of the faculty as well as analyzing gaps and vulnerabilities, effectively solving security and privacy risk issues and recommending and / or initiating projects to augment and improve services delivered.

As a member of the faculty’s management team, the Manager establishes and sustains strong relationships with all levels of the faculty’s community, including executive leadership, project teams, support teams, clients, stakeholders, as well as teams across the University of Toronto. The Manager will work collaboratively with local faculty IT teams to evolve a mindset, model and work structure that ultimately enables divisional and departmental security and risk progression with a clear view of the faculty’s security and risk posture.

As an internal consultant, the Manager reviews proposals from departments using in-depth technical and subject matter expertise and partners with teams to recommend and deliver security solutions. The Manager will lead information security incident response at a divisional level in coordination with faculty leadership and Information Technology Services - Information Security leadership. The Manager supports investigations, gathering forensic IT and security data and evidence and working with remediation teams, partners with relevant University departments as required and helps support unit and faculty business continuity activities.

Education and Experience :

• University degree in Computer Science, Engineering, or an equivalent combination of education and experience.
• A Graduate Degree and certifications in information security and management, such as CISSP, CISM, CISA, PMP, CRISC or other relevant certifications, are an asset.
• At least eight (8) years of experience working in the IT industry, with a focus on information security. Technical experience with the development and management of formal IT risk programs (i.e. technically driven risk reduction) considered a strong asset.
• Proven experience in planning, organizing, and developing IT security and facility security system technologies. Expert level understanding of Information Security technologies and concepts, including information security and defense solutions.
• Experience developing and adopting information security standards and guidelines.
• Extensive experience using network and security analysis tools, with a focus on intrusion detection and prevention – host and network, active and passive.
• Experience managing information security incident response and investigations.
• Demonstrated aptitude for security / or major incident management; ability to quickly analyze and interpret forensic information and evidence.
• Excellent understanding of defense in depth strategies and implementation across the entire ecosystem
• endpoints, servers, appliances, cloud, and network architecture, etc.) with strong ability to assess risks and controls of computing systems and operations.
• Experience auditing systems for compliance (PCI-DSS, PA-DSS, etc.).
• Experience managing vendor solutions and contractors, including cloud technologies as well as related security and risk assessments.
• Experience with operational access management and identity access management systems and solutions; IAM roll-out experience is considered a strong asset.

Digital Infrastructure :

Team and People Management :

Skills :

Other :

Closing Date : 02 / 07 / 2025, 11 : 59PM ET

Employee Group : Salaried

Appointment Type : Budget - Continuing

Schedule : Full-Time

Pay Scale Group & Hiring Zone : PM 5 Hiring Zone : $118,368 - $138,097 Broadband Salary Range : $118,368 - $197,280

Job Category : Information Technology (IT)

J-18808-Ljbffr