Under the direction of the Senior Technology Security Administrator, applies defined security strategies for University technology assets. This includes industry best practices for network, servers and application security that help ensure confidentiality, integrity and availability of said resources;
Advocates best security practices for information and systems;
In cooperation with system administrators, coordinates and/or applies security configurations/settings, following change control procedures involving network Firewalls, Intrusion Detection Systems and other related access control technologies that exist;
Provides input into the planning and development of complex institution-wide projects throughout the entire technology development life cycle. This includes arranging, facilitating, and participating in technology security design and planning sessions to develop solutions to security problems.
Administers technology systems and services relating to cyber security;
Performs daily audits of firewall(s), log management, intrusion detection systems, and content filtering controls;
Identifies and addresses computer vulnerabilities in workstations, servers (internal and external), network devices, and applications;
Conducts assessment on the security of new applications and programs prior to installation or upgrades;
Assists in the administration, documenting, and monitoring inventory control for all network equipment;
Performs product evaluations, selection, testing, and implementation of tools/utilities specifically related to Information Security technology;
Acts as a technical resource for departments in security product/service deployment;
Aids in the investigation and analysis of cyber security events;
Assists in the maintenance of University technology-based security standards, and guidelines for information technology services and functions;
Assists in the maintenance of IT security incident response protocols;
Maintains and monitors appropriate cyber-security metrics;
Coordinates and reports periodic threat assessments and related factual data of IT Security resources to the Senior Technology Security Administrator;
Assists the Senior Technology Security Administrator in the development of Cyber Security reporting materials to be directed to the CIO;
Attends meetings, conferences and training of professional organizations relevant to the IT Security field as required, to maintain proficiency.
Undergraduate degree with 2 years directly related experience, or an Accredited Institutional diploma with 3 years directly related experience. An acceptable equivalent combination of education and experience may be considered.
Information Security certifications such as CompTIA Security+, GIAC GSEC, ISC2 SSCP or equivalent;
Experience with TCP/IP and related network protocols; Linux and Windows operating systems; network infrastructure systems such as Firewalls; Intrusion Detection Systems; technologies like multi-factor authentication, and content filtering controls; logging and monitoring tools;
Experience using network/system/application test and analysis equipment for a large organization;
Experience analyzing security problems and applying procedures and standards for technology security solutions;
Experience creating layout of complex technical diagrams to document current and planned security architecture using standard network/CAD mapping tools;
Experience investigating the effect of changes to technology environment, systems and related services as it pertains to the protection of critical data;
Advanced technical writing skills, with the ability to be formal and concise;
Extensive knowledge of computer hardware, servers and network devices;
Extensive knowledge of installation/setup and operations of complex specialized equipment, software applications, tools and utilities;
Strong written and verbal communication skills, including the ability to communicate complex technical security solutions to diverse clients;
Strong organizational skills, including the ability to create and administer work plans;
Strong analytical and problem-solving skills;
Ability to take corrective action to ensure the product satisfies the business objectives and is delivered on time and within budget constraints.
OR EQUIVALENT COMBINATION OF EDUCATION, EXPERIENCE, SKILLS, KNOWLEDGE AND ABILITIES
The Collective Agreement between The University of Winnipeg and The Association of Employees Supporting Education Services (AESES), Clause 6.3, Selection for Vacancy, states: The Employer agrees that Employees with seniority shall have preference in connection with appointments so far as it is practicable to do so, provided that their qualifications are relatively equal.
The University of Winnipeg is committed to equity, diversity and inclusion and recognizes that a diverse staff/faculty benefits and enriches the work, learning and research environments, and is essential to academic and institutional excellence. We welcome applications from all qualified individuals and encourage women, members of racialized communities, Indigenous persons, persons with disabilities, and persons of any sexual orientation or gender identity to confidentially self-identify at time of application. All qualified candidates are encouraged to apply; however, Canadian citizens and permanent residents will be given priority.