Information Security jobs in Canada

Welcome to Pepperdine University, a Christian university in beautiful Malibu, California. Learn more about our undergraduate and graduate programs today!

The Director of Information Security oversees the promotion of digital security across the University. This includes enabling our community to take proactive security measures, monitoring and assessing the environment, and managing security efforts in both academic and administrative areas. The role involves drafting, consulting on, and recommending information security policies in collaboration with key executives, management, and policy committees. We also partner with University stakeholders to identify and mitigate security risks through effective programs and procedures. The office leads the adoption of tools, procedures, and standards to proactively protect the institution's network, systems, services, and data.

Duties

• LEADERSHIP AND ADMINISTRATION: Exercises University-wide leadership in developing, improving, and promoting the University information security program. Provides strong leadership to the Information Security Office, including vision and philosophy in support of academic, research, and administrative information systems and technology. Sets departmental goals and objectives, reviews the goals and objectives of the Information Security team, and aligns projects with the strategic goals of Information Technology (IT) and the University. Delegates tasks with appropriate guidance or mentorship. Empowers staff to take ownership of duties, projects, and problems; to work collaboratively in flexible teams with strong camaraderie; to provide excellent, compassionate customer service; to gather and analyze metrics for team and area success; to work with high integrity to maintain the trust of the University community; to manage time, information, and resources responsibly for excellent stewardship and productivity. Holds teams, individuals, departments, other University departments, and external vendors accountable for following procedures/practices and representing the University well through word and deed. Serves as a member of the IT senior team and IT Leadership Council. Reviews and submits regular, timely, and complete paperwork and processes, such as status reports, bi-weekly or monthly timesheets, financial activities, assessments for mid-year and annual reviews, and other routine IT and University practices. Keeps personal and shared workspaces clean and organized.
• SECURITY POLICY, STANDARDS, AND MEASUREMENT: Leads the establishment, development, and implementation of effective and mission-friendly University policy, standards, guidelines, and best practices that secure various classes of data, support information security, and ensure compliance with laws and regulations. Establishes annual and long-range security and compliance goals, defines security strategies, metrics, reporting mechanisms, and program services. Contributes security architecture input for all new IT projects and offers ideas for efficient security improvement of IT systems. Coordinates all information security related audits including scope of audits, targets, timelines, auditing agencies, and outcomes. Works with University assurance and risk departments and auditors as appropriate to keep audit activities in scope, maintain excellent relationships with audit entities, and provide a consistent perspective that continually strengthens the University's trust and reputation. Provides guidance, evaluation, and advocacy on audit responses. Leads the collection of security outcomes data and promulgation of security program results.
• OUTREACH, EDUCATION, AND TRAINING: Convenes the Information Security Task Force as appropriate to obtain input and buy-in for new and improved security programs. Outreaches to consult for business process reengineering that promotes secure work processes and improves efficiency. Leads development of education and awareness programs and advises operating units at all levels on security issues, best practices, and vulnerabilities. Works with University technical groups to build awareness and a common practice around security. Pursues student information security initiatives to build practical skills and promote a secure campus experience.
• RISK REDUCTION AND INCIDENT RESPONSE: Leads implementation of security controls systems and supervises the team administering technical security tools. Provides direction in the operation and improvement of the suite of security services and tools to mitigate security risk via defense-in-depth. Exercises leadership, direction, and guidance to assess and evaluate information security risks and monitor compliance with security standards and policies. Provides leadership for incident management, breach response, and notification actions for the University. Acts as a primary control point during significant information security incidents.
• COMMUNICATIONS AND RELATIONSHIPS: Promotes professionalism across the division to ensure that each staff member represents Pepperdine and IT in a professional manner when collaborating with internal and external stakeholders. Conducts outreach to University stakeholders to determine needs and build strong, positive, and collaborative relationships. Develops and maintains strong partnerships with University departments and leadership, as well as with external vendors and service providers, to improve IT outcomes and to assure current and future operational and strategic success.
• COLLABORATION: Provides backup support and assistance to other team members. Collaborates with co-workers and University colleagues on departmental, division-wide, and institutional projects. Shares process information and makes informal recommendations on how to improve processes and overall job execution within the team/department.
• PROFESSIONAL DEVELOPMENT: Attends training sessions, vendor presentations, user group meetings, conferences, and seminars. Engages regularly in individual professional development related activities to remain current with industry technology trends and work processes.
• COMMITTEES AND BEYOND JOB DUTIES: Volunteers to undertake tasks that stretch the employee's capabilities. Serves on various committees within the Information Technology division. Participates in external University committees. Performs other related duties as assigned.
• UNIVERSITY MISSION: Understands and supports the Christian mission of the University. Upholds the University mission through team, location, atmosphere, and work performed.

Skills and Qualifications

Required: Requires a Bachelor's degree in the field of computer science, information sciences, or related field. Experience managing and delivering infrastructure design and operational excellence required. Current CISSP certification. 15 years IT or Information Security experience. Excellent written and verbal communication skills. Working knowledge of accounting and human resources principles and practices. Strong organizational, supervisory, and interpersonal skills needed to work effectively with a wide variety of internal and external resources. Strong leadership skills with a proven track record of building and leading strong teams. Strong decision making skills and ability to work under pressure. Proven experience with network capacity planning, network security principles, and general network management best practices. Strong, hands-on technical knowledge of network topologies, various security practices, Windows servers and PC operating systems. Familiarity with firewalls, vulnerability management, network access control and penetration testing tools.

Preferred: Graduate degrees in relevant disciplines. Additional advanced technical certifications equivalent to SANS 5xx or 6xx, specifically in incident handling. Effective experience at managerial level in an information security role. Macintosh operations and desktop management. Palo Alto Firewalls, QualysGuard Vulnerability Management, FortiNAC.

Qualified individuals should be able to articulate a strong commitment to diversity, and have the ability to work effectively with individuals from different backgrounds.

Offers of employment are contingent upon successful completion of a criminal, education, and employment screening. The University conducts such screenings in compliance with applicable laws and with the objectives of evaluating risk and supporting a safe environment for students, faculty, staff, and guests; safeguarding key University assets including people, property, information, and the University’s reputation; and providing comprehensive job-related information to University leaders to enable them to make prudent hiring decisions. Qualified individuals with criminal histories will be considered for employment in compliance with applicable laws, including the Los Angeles County Fair Chance Ordinance.

This is a Regular, Exempt, 40 hour per week position that may be eligible for hybrid work in accordance with the University Policy Manual.

Expected Pay Range: $129,000 - $140,000 per year.

The above pay range reflects what Pepperdine University reasonably expects to pay for this position at time of posting. Actual compensation may vary based on relevant factors such as work experience, market conditions, education/training, and skill level. In addition to base pay, Pepperdine offers a robust and highly competitive benefits package.

Pepperdine is an Equal Employment Opportunity employer and does not unlawfully discriminate on the basis of any status or condition protected by applicable federal, state, or local law.