Town of Milton
Location
Ontario | Canada
Job description
Lead and ensure the delivery of an effective corporate-wide information and cyber security program for the organization. On behalf of the organization and the entire IT team, develop and manage the frameworks, processes, tools and consultancy necessary to properly manage IT risk and make risk-based decisions related to IT activities. Develop strategies, goals and priorities relating to information protection and cyber security operations across the organization, ensuring alignment with divisional and corporate direction. Works independently with third-party resources to research, design, implement and provide ongoing management of tools and technologies in support of enhancing overall security program. Develop, implement, maintain/manage and oversee ongoing enforcement of policies, procedures, standards, guidelines, controls and trainings for ongoing system security administration, risk mitigation, user awareness and system access based on industry-standard best practices. Leads the delivery of the Information Security Program, including Security Vulnerability Management, Incident Response, Threat Management and Monitoring, Risk Reporting, Privacy, Data Security and Security program initiatives. Direct, maintain and improve security processes, security playbooks, documentation, practices and measures as a lead of the security team. Perform ad-hoc and scheduled internal security compliance checks, reviews, and audits of IT systems to ensure alignment with established operating procedures, standards and guidelines. Maintain up-to-date baselines for the secure configuration and operations of all organizational-owned hardware and software assets. Maintain operational configurations of all in-place security solutions as per established baselines. Monitor all in-place IT security solutions for efficient and appropriate operations, apply configurations, hotfixes and updates as required. Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes and procedures in compliance with applicable organizational risk frameworks, legislation and/or industry best practices. Lead the implementation of proof of concept toolsets to improve cyber security response and overall posture of the organization. Lead the management, deployment, integration and configuration of all new security solutions and enhancements to existing IT security solutions in accordance with standard best practice procedures. Provide recommendations, guidance and security/risk evaluation of all net new technology acquisitions within the organization. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, best practices, improved processes, and the development of new attacks and threat vectors.
Job tags
Salary
