Senior Information Security Officer
As employees, we joined the City to make a difference in the community. The Burnaby Promise sets out the responsibilities of every employee, every day, in every decision we make. It describes the standards that every employee should strive to meet when interacting with Burnaby residents, external and internal clients, and City colleagues. It gives us the tools to check our actions, particularly in times of conflict or challenge. When every employee lives by the Principles and Commitments in this document, we will collectively create a City we all want to be in, that fosters employee engagement, strengthens our relationships, and better serves our community through service excellence.
We have an exciting opportunity for you to join our team as a Senior Information Security Officer! Reporting to the Deputy Chief Information Officer – Planning and Government, the Senior Information Security Officer (SISO) is a technology leader that establishes, directs, implements and maintains the City’s enterprise cybersecurity program.
The incumbent will identify, evaluate and report on some or all legal and regulatory, IT and cybersecurity risk to information assets, while supporting and advancing business objectives. This position will determine the cybersecurity approach and operating model in consultation with stakeholders and align with the City’s risk management approach and compliance monitoring of non-digital risk areas. You will implement practices that meet policies and standards for cybersecurity to ensure that information assets and associated technology, applications, systems, infrastructure and processes are protected in the digital ecosystem in which the City operates such as firewalls, intrusion detection/prevention, and data encryption. Furthermore, you will serve as the process owner of the appropriate second-line assurance activities related to confidentiality, integrity and availability of information owned or processed by the City such as periodic security audits to assess effectiveness and identify area of improvement. Additionally, you will coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event. Duties also include directing the creation of a targeted cybersecurity awareness training program for staff, contractors and approved system users. Along with developing and overseeing effective resilience policies and standards to align with the enterprise resilience program goals, with the realization that components supporting primary business processes may be outside the City’s perimeter. Other responsibilities will include liaising with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Performs related work as required.
The ideal candidate will possess a Master’s or Bachelor’s degree in Computer Science, Information Security, Business Administration or related field with a minimum of seven years of recent experience in the field of cybersecurity with five years’ experience at the management level preferably in municipal government, plus required technical and or project certifications OR an equivalent combination of education, training and experience. The role requires expert knowledge of frameworks, principles, practices, techniques, legislation, methods and procedures applicable to the work as well as considerable knowledge of City rules, regulations, policies, procedures, practices and operations related to the work performed, the functions, projects and operations of all City departments and their requirements. The successful candidate will have the ability to lead a team of direct and functional reports, and recruit, performance management, train, coach and investigate and administer discipline. You will have the ability to support a wide variety of technology projects while exercising sound judgement and discretion under tight deadlines and constant change. You will have the ability to develop, communicate, implement and evaluate information security initiatives while handling sensitive, contentious, complex and highly confidential issues involving multiple stakeholders with skill, tact and diplomacy. Other skills required include leading investigations, analyzing impacts, making recommendations on Information Security incidents and events along with the skill and the use of various software applications.
The closing date for this position has been extended until filled. New applications are welcome!
Copies of relevant professional certificates, degrees, or tickets will be required at the time of the interview.
Please contact People and Culture at 604-294-7303 if you do not receive a confirmation email within one hour of submitting your application online.
We thank all applicants for their interest; however, only those considered for an interview will be contacted.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
