Job Posting #21872
Senior IT Security Specialist
Important Notice and Amendments
Salary Pending Review
About Niagara Region
Serving a diverse urban and rural population of more than 430,000, Niagara Region is focused on building a strong and prosperous Niagara. Working collaboratively with 12 local area municipalities and numerous community partners, the Region delivers a range of high quality programs and services to support and advance the well-being of individuals, families and communities within its boundaries. Nestled between the great lakes of Erie and Ontario, the Niagara peninsula features some of Canada's most fertile agricultural land, the majesty of Niagara Falls and communities that are rich in both history and recreational and cultural opportunities. Niagara boasts dynamic modern cities, Canada's most developed wine industry, a temperate climate, extraordinary theatre, and some of Ontario's most breathtaking countryside. An international destination with easy access to its binational U.S. neighbour New York State, Niagara attracts over 14 million visitors annually, as well as a steady stream of new residents and businesses.
his position is responsible for providing technical leadership, expertise and guidance related to the design, development, and implementation of infrastructure solutions that enable our business objectives.
This position will have a range of coaching and architectural duties, depending upon the specific assignment.
The position will maintain and enhance the information security posture.
This position will proactively assess potential items of risk and opportunities to assess vulnerabilities within the network, and will analyze information obtained from intrusion detection and prevention systems, and work with advanced security protocols and standards.
This position will create and maintain the corporation's cyber security incident response plan and respond to all types of IT security incidents as they arise.
They will analyze traffic trends and systems logs, and propose IT security policy changes and policies where required.
They will research and help develop security best practices, as well evaluate and develop approaches to security solutions and educate staff on security threats and preparedness.
This position will create and conduct risk, system and application assessments.
The position will review new projects, systems, and applications for compliance, and will serve as a disaster recovery analyst to establish disaster recovery programs and business continuity planning across multiple platforms
- Bachelor's degree in Information Technology, Computer Science, related discipline or equivalent combination of education and experience.
- Post-Secondary courses in any of the following: computer forensics and security, cloud architecture and security are preferred.
- 10 years' experience in Information Systems and Technology in a medium to large sized data center and network security and design environment focused on:
1. Microsoft products, such as Windows Operating Systems, Messaging and Collaboration, Office Productivity Suites, Security Product Suites,
2. Network appliances and technologies i.e. CISCO,
3. VMWare Virtual Infrastructure such as ESXi, ESX, and VDI,
4. Enterprise wireless products such as Aruba controllers, Access Points and monitoring solutions, and
5. Enterprise storage and IaaS/PaaS/SaaS solutions (Fibre attached SAN's & Office 365).
- 5 years' experience in disaster recovery planning.
- In-depth knowledge of data centers and networking environments, coupled business continuity and disaster recovery planning.
- 5 years project leadership or management experience is preferred.
- VoIP and PBX networked systems experience is preferred.
- Cisco Certified Networking Professional (CCNP) and Certified Information Systems Security Professional (CISSP) Certifications.
- Certified Business Continuity Planner (CBCP) or Associate Disaster Recovery Planner accreditation.
- MCITP (Microsoft Certified IT Professional) designation.
- Certified Ethical Hacker (i.e. CEH) is preferred.
- Project management certification (i.e. PMP) is preferred.
1. IT Infrastructure Strategy and Design
- Designs, implements, and provides on-going support of enterprise-wide infrastructure architecture(s) and data/network/security systems integrations.
- Provides planning and technical direction and consultation for data center and disaster recovery sites, including: wide area network, server infrastructure, storage, backup, disaster recovery and security.
- Evaluates existing conditions determines or identifies technical requirements, evaluates alternatives.
- Coordinates and leads the development of business case proposals for IT Infrastructure initiatives in conjunction with input by other IT peers and departments.
- Provides key concepts and expertise towards the development of long-term strategies to ensure timeliness, compatibility, and integration with overall IT back-end infrastructure ensuring software compatibility and sustainability.
- Acts as technical lead and participates in committees and work groups across areas and departments to address specific projects and issues.
- Provides IT Infrastructure architectural expertise, advice, direction, and assistance to the Infrastructure & Operations team.
2. Disaster Recovery & Business Continuity and Design and Solutioning
- Ensuring the availability of all critical corporate infrastructure technologies and highly sensitive data such as Financial Systems, Microsoft Messaging, mobile device management services and all externally public facing systems hosted at and for the Region.
- Develops the architectural design and implementation of complex enterprise disaster recovery plans in accordance with established recovery time objectives and recovery point objectives.
- Identifies vulnerable areas within the Region's critical infrastructure functionalities and provide/execute on those recommendations.
- Recommends and implements disaster avoidance and business impact reduction strategies.
- Directs and coordinates staff and other departmental key staff for testing of disaster recovery strategies.
3. Network and Administration and Design & Strategy
- Champions network design and administration tasks for the primary and secondary disaster recover sites, and develops the guiding principles and framework which establishes network and integration standards, continuous improvement methods, and security models
- Designs network solutions for the Niagara Region or external stakeholders, ensuring the integrity, security, and safeguarding of data is completed by applying a complex set of disciplines in the process. Incorporates and uses the base foundation of the CIA (availability, integrity, and confidentiality) model to mitigate data leakage risks, or exposure of Niagara Region's network and server systems internally or externally.
- Analyzes, designs, maintains and administers the network infrastructure and application components.
- Designs solutions with data and system availability in mind, to ensure that adequate network and internet bandwidth is available. Ensures that there will not be any restrictions to daily operations through any traffic bottlenecks within Niagara Region's network infrastructure by instituting redundant, failover, and high-availability solutions where required.
- Maintains, enhances, and recommends alternate network, remote access technologies, backend enterprise storage and SAN connectivity solutions to support organizational goals.
- Accountable for the network design, evaluation, integration, and sustainment of all internal and public facing presence of the Niagara Region's organizational infrastructure.
- Tier 4 level support for the operability and high availability of regional I.T infrastructure 24x7x365 &ndash of all network related services and applications.
- Leads the research on emerging products, services, protocols, and standards in support of contingency planning and development efforts and recommends technologies that will increase cost effectiveness, systems flexibility, integrate seamlessly into the enterprise environment.
4. Security and Administration and Design and Strategy
- Defines security frameworks for existing and new systems which include developing, implementing, maintaining policies, standards, guidelines, and procedures.
- Establishes, and implements a breach management policy and response plan. Deals with issues that are abstract in nature, and not easily identifiable. Able to disseminate changing data on the fly, in order to thwart any given attack method utilized. Identifies and assembles ad-hoc mitigation plans when required.
- Designs and maintains the network core switch and firewall rules and security logs.
- Designs and defines methods to ensure encryption standards are formulated and standardized in order to safeguard data integrity and confidentiality.
- Monitors IDS/IPS network security logs for intrusion detection.
- Performs risk assessments, and prepares action plans to assure a secure information environment for existing and new applications.
- Actively recommends changes to establish methods and procedures, suggests alternative solutions and new methods to improve quality and increase productivity.
- Works with IT team to design, co-ordinate, and direct activities to implement and maintain a network security infrastructure including wired and wireless systems and handheld mobiles, against internal and external intrusion threats.
- Implements security services (firewalling, NBD - network boundary devices), identities and accesses management products, anti-virus, anti-spam, trusted time sources, content management, file integrity tools, audit and IDS products, and encryption tools
5. Policy and Guiding Principles Development
- Develops policies (i.e. Incident Response, Data Encryption policies), including the research, analysis, consultation and synthesis of information to produce the recommendations.
- Enforces data center network guidelines, processes, policies and change controls to promote the stability, efficiency, and effectiveness of regional infrastructure.
- Informs and mentors other staff members on their responsibilities concerning IT business policies and procedures, and accompanying emergency response documentation.
- Ensures effective corporate and regional policies and standards are followed, in co-ordinance with current network internal/external controls.
- Contributes to the creation and sustainment of technology frameworks (e.g. regional/corporate architectures, methodologies, tools, techniques and standards).
- Assist and provide input into policies and processes around data security and business continuity, with a focus on best practices and techniques.
- In accordance with the Corporate Criminal Record Check Policy, the position requires the incumbent to undergo a Criminal Records Check and submit a Canadian Police Clearance Certificate.
- Must maintain ability to travel in a timely manner to other offices, work locations or sites as authorized by the Corporation for business reasons.
- Regional staff strive to enable the strategic priorities of council and the organization through the completion of their work. Staff carry out their work by demonstrating the corporate values of service, honesty, choice, partnership and respect.
Uncover the wonder of the Niagara Region and join a team dedicated to meeting tomorrow's challenges TODAY!
Let us know why you would be an excellent team member by submitting your online application.
We thank all candidates for their interest however, only those candidates selected for an interview will be contacted.
Apply NowEmail to Friend
« Other jobs