Senior Systems and Information Security Lead

COVID 19 On-Campus Requirements

Prior to May 1 2022 the University required all students faculty staff and visitors (including contractors) to declare their COVID-19 vaccination status and provide proof that they were fully vaccinated or had an approved accommodation to engage in in-person University activities. These requirements were suspended effective May 1 2022 but the University may reinstate them at any point.

About Queens University

Queens University is the Canadian research intensive university with a transformative student learning experience. Here the employment experience is as diverse as it is interesting. We have opportunities in multiple areas of globally recognized research faculty administration engineering & construction athletics & recreation power generation corporate shared services and many more.

We are committed to employment equity and diversity in the workplace and welcome applications from individuals from equity seeking groups such as women racialized/visible minorities Indigenous/Aboriginal peoples persons with a disability persons who identify in the LGBTQ community and others who reflect the diversity of Canadian society.

Come work with us!

Applicant Guidance & Information

At Queens we are committed to helping people achieve their best. Whether you are beginning your career at Queens or seeking your next opportunity we are here to support you. Visit our Applicant Resources for guidance on applying showcasing your skills and experience and preparing for interviews.

Disclaimer: As part of the application process at Queens University our recruitment system uses Artificial Intelligence (AI) as defined under the Ontario Employment Standards Act to ask job-related questions and confirm eligibility for hire. All final hiring decisions are made using non-AI related processes.

Job Summary

The Senior Systems and Information Security Lead reporting to the Chief Information Officer (CIO) is responsible for managing and maintaining both on-premises and cloud infrastructure for the Canadian Cancer Trials Group (CCTG) including system resources and services system performance and availability backup and disaster recovery and supporting deployments and system updates. The role also involves developing and implementing cybersecurity policies and supporting the investigation analysis and resolution of cybersecurity incidents and events.

The schedule for this position requires the incumbent to work occasional evenings and/or weekends to respond to significant incidents system upgrades or major project implementations.

Job Description

KEY RESPONSIBILITIES:
In collaboration with the CIO develops implements and monitors a strategic comprehensive information security program to ensure appropriate levels of confidentiality integrity availability safety privacy and recovery of information assets owned controlled or/and processed by CCTG.
Configure and manage CCTG IT infrastructure including corporate email firewalls virtual machines servers storage networking databases and security systems both on-premises and in cloud environments such as Microsoft Azure Amazon Web Services or Google Cloud. Monitor system health uptime and performance and troubleshoot or resolve outages and performance issues.
Advises and guides senior leadership on information systems security decisions and application of standards and procedures.
Collaborate with CCTG IT and development teams to deploy applications and maintain technical environments. Design and implement solutions for integrating complex software and database systems utilizing scripting programming and web services.
Work with the CIO and other CCTG IT team members to develop and implement security policies procedures and architectures to protect organizational assets and confidential patient information from internal and external threats including ongoing research and analysis of emerging cybersecurity trends.
Leads and coordinates the development and delivery of a comprehensive cybersecurity education and awareness program and training across CCTG.
Stays current with relevant advances in security technologies; gains deep understanding of CCTGs goals to deliver appropriate security architecture.
Configure and manage identity and access management systems and security policies and conduct regular vulnerability assessments and patch management to identify remediate and prevent security weaknesses across systems and infrastructure.
Produces and maintains detailed technical documentation and reference materials related to architecture operational procedures and specifications.
Provides senior leadership with reports on project status milestones and challenges.
Design and manage comprehensive system and data backup and recovery solutions that meet regulatory requirements and ensure business continuity in a complex technical environment.
Responsible for the triage of security events and incidents and facilitates communication among the Queens Security Operations Centre( SOC) CCTG IT and the Incident Response Team. Design establish implement maintain and continuously improve processes tools and activities that support the Cybersecurity Program including preparation detection analysis containment eradication and post-incident review.
Maintains a high degree of current knowledge in the areas of responsibility and other aspects of information technology.
Serve as a representative and point of contact with external agencies and pharmaceutical companies on IT initiatives including systems and technical projects integrations and data transfers.
Other duties as assigned in support of CCTG

REQUIRED QUALIFICATIONS:
University degree in Computing Science or Engineering (or equivalent combination of education and experience) such as CISSP CISM.
Minimum of 8 years of hands-on experience managing Linux and Windows servers TCP/IP networks routed environments internet-based email systems firewalls (Palo Alto) storage solutions (QNAP) network switching and virtualization platforms. Proven experience administering cloud services such as Microsoft Azure Amazon Web Services or Google Cloud is also essential.
At least 8 years of experience in managing network security policies performing vulnerability assessments and coordinating timely patch deployments across servers networks and applications to mitigate security risks and ensure compliance with established security standards.
Experience with compliance frameworks such as ISO 27001 NIST are considered an asset.
Proficient in using monitoring tools to track performance resolve incidents and ensure continuous uptime.
Strong project management and leadership abilities are necessary to effectively guide system team members in the planning development and execution of various IT initiatives. Certifications related to project management such as PMP and Agile are considered an asset.

SPECIAL SKILLS:
Respect diversity and promotes inclusion in the workplace
Ability to adapt and continuously learn new technologies is essential given the ever-evolving landscape of cybersecurity and related technologies.
Demonstrated leadership team management and decision-making skills
Demonstrated advanced technical problem-solving skills in a complex multi-platform environment
Ability to work in a complex environment and foster collaboration in a collegial manner using relationship-building influencing and negotiating skills to secure commitment and achieve results.
Strong organizational and time management skills with ability to meet deadlines.
Sound judgment and ability to work independently and collaboratively.
Well-developed and confident written and verbal communication skills.
Excellent attention to detail with strong commitment to quality.
Effective project management skills to plan implement and evaluate projects and initiatives.

DECISION MAKING:
Prioritize for the maintenance installation and upgrade requests of computing systems impacting staff throughout the organization.
Recommend computing platforms systems and software to senior management affecting the long-term direction for the group in terms of Information Technology.
Establish confidentiality policies for networked user data and system protection e.g. what gets protected and what policies should apply.
Evaluate IT projects including time risk quality effort and management impact; select optimal solutions.
Determines priorities and makes decisions about staff utilization and the assignment of work to achieve optimum efficiencies and productivity.
Decide deployment and implementation methods for hardware software and databases.
Manage day-to-day priorities in support of achievement of overall project goals; ensure the work is completed satisfactorily.
Manage negotiations hardware and software purchases licenses and maintenance contracts.
Assesses the suitability of job candidates and recommends the most appropriate person for hire.
Coordinate discussions with pharmaceutical companies regarding IT project integrations and methodologies.
Collaborate with the IT Team to plan strategic infrastructure initiatives.

Employment Equity and Accessibility Statement

The University invites applications from all qualified individuals. Queens is strongly committed to employment equity diversity and inclusion in the workplace and encourages applications from Black racialized persons Indigenous people women persons with disabilities and 2SLGBTQI accordance with Canadian Immigration requirements priority will be given to those who are legally eligible to work in Canada.

The University provides support in its recruitment processes to all applicants who require accommodation due to a protected ground under the Ontario Human Rights Code including those with disabilities. Candidates requiring accommodation during the recruitment process are asked to contact Human Resources at .