Responsibilities
- Deploy information security platforms designed to protect data and systems, prevent unauthorized access, and respond effectively to potential threats.
- Partner across IT teams and other departments to embed proactive security practices into all daily operations and new projects.
- Leverage expert-level knowledge of security tools to optimize the protection and resilience of IITS services for the UTSC community.
- Configure, maintain, and tune security tools – including SIEM, EDR, Firewall, vulnerability scanner, and intrusion prevention/detection systems – to ensure proactive threat detection and mitigation.
- Monitor security alerts and dashboards, respond to suspicious activities, and optimize system effectiveness for timely and accurate threat detection.
- Perform information security investigations, security assessments, and, in situations where systems or applications have been breached either internally or through external attacks, incident response activities.
- Gather required forensic data in collaboration with relevant teams in instances of employee-related breaches and misconduct and of potential IT-related criminal activity, partnering with relevant UTSC departments such as Campus Police, central ITS, and external auditors, and/or working in consultation with Human Resources and Labor Relations as required.
Requirements
- University degree in Computer Science, Engineering or equivalent combination of education and experience.
- Minimum 7 years of Information Security experience in a heterogeneous environment, with a broad range of platforms and technologies, including at least 2 years working with Information Security as a significant focus of activity.
- Minimum 3 years of progressive experience in creating, implementing, and maintaining Information Security risk management programs.
- Excellent understanding of security tools and technologies such as Firewalls, IDS/IPS, SIEM/SOAR, EDR/XDR platforms etc. used to protect on-premises and cloud environments.
- Expert proficiency in security frameworks and foundational networking/OS security (Zero Trust concepts, TCP/IP, VPNs, Windows/Linux/Unix hardening).
- Experience auditing systems for compliance (PCI-DSS, NIST Cybersecurity Framework, or NIST SP 800 series controls, etc.).
- Experience drafting information security standards and guidelines, assessing risk management, and determining controls.
- Experience administering and securing large-scale server fleets (Linux/Unix), databases (SQL Server, MySQL), and virtualized environments.
- Experience with scripting (Python, Bash) to automate security tasks. Extensive experience leveraging network and security analysis tools for deep packet inspection, forensic analysis, and advanced troubleshooting.
- Experience in selecting, configuring, and deploying service misuse detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDoS, etc.).
Nice to Have
- CISSP and other security certifications are a strong asset.
- Previous experience implementing and managing such security tools is a strong asset.