SENIOR SPECIALIST (ENTERPRISE RESILIENCE & ADVISORY - MS)
SENIOR SPECIALIST (ENTERPRISE RESILIENCE & ADVISORY - MS)
- Job ID: 54168
- Job Category: Information & Technology
- Division & Section: Office of the CISO, Cyber Operations
- Job Type & Duration: Full-time, Permanent
- Salary: $122,305.00 - $163,639.00, PSG #TM5099 and wage grade 8.
- Shift Information: Monday to Friday, 35 hours per week
- Affiliation: Non-Union
- Number of Positions Open: 1
- Posting Period: 24-FEB-2025 to 3-MAR-2025
The Senior Specialist Enterprise Resilience & Advisory – Microsoft Security (MS) supports the execution of the Chief Information Security Officer's (CISO) mandate, cyber vision, and strategy by providing technical and business advisory services for Microsoft 365 (M365) and other large enterprise solutions across all City divisions, agencies, and corporations.
This position is responsible for defining, developing and supporting cyber programs and initiatives, working collaboratively with teams across the organization to ensure alignment on key projects and the development of execution roadmaps. Providing subject matter expertise, strategic guidance, and operational support for the Enterprise Resilience & Advisory section, the role will ensure the effective integration of cybersecurity measures within enterprise technologies and cloud-based solutions.
Key responsibilities include:
- Developing and implementing cybersecurity plans, policies, and procedures tailored to M365 environments.
- Recommending best practices for securing M365 applications and services.
- Acting as a strategic advisor on cybersecurity issues, including identifying potential exposures and conducting reviews.
- Ensuring risk mitigation and staying current on cyber threats and vulnerabilities.
- Serving as the point of contact and subject matter expert on M365 business application resilience and cybersecurity best practices.
- Determining cybersecurity requirements for business strategies and providing advisory services for M365 cybersecurity and governance.
- Researching cybersecurity trends and ensuring compliance with evolving regulations.
- Collaborating with cross-functional teams to integrate cybersecurity best practices into enterprise solutions.
- Providing ongoing risk assessments and monitoring the cybersecurity posture of M365 environments.
The Senior Specialist provides leadership, direction, and subject matter expertise to project teams, staff, and contract resources, managing daily operations, performance evaluations, and fostering employee engagement. They organize and lead multidisciplinary teams across business and technical functions to execute cybersecurity initiatives, communicating effectively with stakeholders, project managers, clients, and executives.
The role involves developing, implementing, monitoring, and maintaining security tools, maintaining up-to-date knowledge of the City's confidential cyber infrastructure, and working with senior management to address cyber threats. This includes providing confidential assessments of organizational issues and recommending solutions.
A core function is leading security initiatives and delivering enterprise business application projects (e.g., SAP, SuccessFactors, Salesforce, Microsoft), ensuring thorough security testing and providing application security consulting.
The Senior Specialist supports operational security activities, including incident response, vulnerability management, and access reviews. It involves evaluating security solutions and contributing to the development of security-focused transformation strategies.
A key responsibility is managing cyber risk by proactively identifying threats, resolving issues, and escalating significant concerns when necessary. The role also leads the implementation and monitoring of security controls in ERP systems, assisting with incident remediation, and ensuring ERP systems meet security standards.
Additionally, the Senior Specialist participates in audit reviews, oversees cyber risk activities, and provides project management support, including effective communication with stakeholders and maintaining risk metrics.
Finally, staying informed about cybersecurity trends, emerging threats, and evolving technologies is essential for continued success in this role.
What you bring to the role:
- Post-secondary degree in Business, Technology or related discipline and extensive experience in Business Continuity, Crisis Management, Information Security, Information Risk Management, Disaster Recovery or a related field.
- Extensive experience and applied knowledge of architecture and security including Microsoft Security.
- Extensive business applications, infrastructure and data protection experience.
- Extensive network design and support including data center, cloud, server and networking experience.
- Extensive experience with security evaluation/analysis within a technical organization.
- Extensive experience in conducting risk assessments, required controls definition, control procedure appropriateness, security capabilities identification.
- Extensive experience applying security frameworks (e.g. ISO 27001, COBIT), laws and standards (e.g. NIST, GDPR, etc.)
- Experience leading a team (internal or external resources) with strong interpersonal skills to work independently and collaboratively with others in a multidisciplinary team setting.
- Preferred Certifications (any in the list): CISSP, CRISC, Microsoft 365 Security Administration Certification or SAP Certified Technology Professional - System Security Architect.
- Excellent written & verbal communication skills with the ability to communicate effectively at all levels.
- Ability to assess communications gaps and opportunities and to develop new content strategies.
- Creative, critical, analytical and strategic thinker with the ability to problem-solve and identify solutions.
- Ability to achieve business objectives through influencing and effectively working with key stakeholders.
- Ability to prioritize and effectively manage competing priorities, projects and initiatives while adhering to strict deadlines.
- Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.
- Self-motivated with desire to go above and beyond required tasks.
- Transferable skills, including communication and decision-making, are equally important.
Notes:
- A normal work week is 35 hours; however, unforeseen situations may require extended hours of work.
- The successful candidate will be subject to a police check, background check, psychological assessment and/or any other checks on a regular basis.
Equity, Diversity and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
