Reporting to the Director of DTO and Cybersecurity, Digital Technology Services, (DTS) and a part of the Associate Vice President (AVP) DTS leadership team, the Manager, Cybersecurity Operations leads the cybersecurity team that provides security operations, incident response, and security controls to digital solutions across the university.

This role will have the opportunity to influence and drive lasting efforts in the University’s digital transformation, with significant student and employee impact through the management and monitoring of a robust cybersecurity program and development of policies relating to digital solutions. In close alignment with university wide strategy, critical components of this position include updates to the Cybersecurity strategy, risk management framework, vulnerability management program, Cybersecurity protection, Cybersecurity access controls, Cybersecurity detection and incident response plan. The role requires a strong focus on building and maintaining relationships both across the CapU community and externally with sector colleagues and vendors.

Job Description:

KEY RESPONSIBILITIES

• In consultation with the Director, DTO and Cybersecurity, plans, implements, and manages security controls, operations, and response activities guided by cybersecurity frameworks, critical security controls, and the National Cybersecurity Assessment (NCA) framework.
• Develops and maintains cybersecurity training materials and manages role-based cybersecurity training programs. Monitors and reports on cybersecurity training compliance across the university community.
• Conducts follow-up with university community members who are not compliant with training requirements, including managing refresher training programs.
• Proactively contributes cybersecurity expertise to technical assessments for all digital solutions being considered within the digital ecosystem. This includes providing security requirements and conducting cybersecurity evaluations for RFP processes.
• Develops and manages the cybersecurity components of technical assessments.
• Leads and coordinates responses to cybersecurity alerts and incidents, including the implementation, maintenance, and review of cybersecurity incident response plans.
• Identifies and selects appropriate cybersecurity monitoring tools to ensure comprehensive security coverage across the digital ecosystem.
• Proactively monitors the digital ecosystem using industry-standard tools to detect malware, suspicious activity, and security breaches across networks, services, and applications.
• Updates cybersecurity processes and tools to continuously improve the program. Collaborates closely with cybersecurity program managers to ensure cybersecurity and DTS policies, guidelines, and controls are reviewed and maintained annually.
• Identifies, manages, and responds to security breaches, coordinating with DTS leadership to ensure appropriate resources and communication plans are in place.
• Manages and follows up on risks identified through security operations, training, and technical assessments to ensure risks are mitigated and resolved.
• Analyzes, investigates, and evaluates emerging cybersecurity technologies, software trends, and product roadmaps to assess impacts on the DTS roadmap.
• Builds and maintains working relationships and partnerships across the university community and broader sector, providing expert advice on committees, initiatives, and external communities of practice.
• Manages vendor relationships, including the development of RFPs, evaluation of proposals, and oversight of vendor performance, support agreements, and licensing.
• Contributes to team development through mentorship and knowledge sharing to support the growth of cybersecurity skills and expertise within the team.

KEY COMPETENCIES
Job knowledge: knowledge and experience with cybersecurity best practices; demonstrates proven leadership experience in developing strategies, plans, programs and policies related to the delivery of cybersecurity strategy and operations.
Service focus: understands the role of cybersecurity and digital solutions, and how change affects teams and processes; delivers services that align with the DTS roadmap that support the university’s key priorities of exceptional student and employee experience.
Result oriented: feels personally committed and accountable to deliver results quickly, accurately, and effectively; uses thoughtful judgement when responding to situations that are not going well and uses foresight to overcome obstacles.
Initiating action / taking initiative: embraces a continuous improvement mindset in an ongoing effort to improve services and processes; readily acts consistent within departmental or university objectives; volunteers readily and takes independent actions when appropriate.
Leadership and supervisory abilities: encourage and supports cross-functional, high performing teams; attracts and selects the best talent; coaches and inspires people; sets expectations, recognizes achievement, and proactively manages conflict. 
Problem solving and decision-making: ability to understand complex systems and processes and find diverse solutions to stubborn problems; makes clear, consistent, and transparent decisions; acts with integrity in all decision making.
Strategic planning and organizing: Demonstrated capacity to develop and implement strategies, tactical plans, policies, and procedures. Experience managing a cybersecurity 
program.
Employee development: achieve desired organizational results by encouraging and supporting the contribution of others; modeling positive leadership behaviours, including integrity, honesty, a sense of urgency and leading by example.

REQUIRED EDUCATION/TRAINING AND EXPERIENCE

• 5+ years of relevant professional experience, with 1 years in a recent leadership role with direct responsibility for a cybersecurity program, preferably in a public sector environment.
• Demonstrated experience in leading a cybersecurity program.
• Demonstrated experience and knowledge of cybersecurity processes, tools, and procedures, including policies and establishing governance structures.
• A bachelor’s degree
• Industry relevant designations such as CISSP, CISA, CRISC, ITIL, TOGAF.
• Experience with the ITIL framework and ITSM best practices, tools, and techniques; ITIL certification is an asset.
• Broad technical knowledge relating to cybersecurity practices, including patching, firewalls, network configurations, phishing, and software deployment.
• Demonstrated experience in effectively communicating and presenting cybersecurity risks to varies levels within an organization.
• Demonstrated experience in developing policies relating to a digital technology department, including cloud based.
• Completion of a criminal record check

Additional Details:

Our standard work week is Monday to Friday, 8:30am – 4:00pm, or dependent on the needs of the department.

Hours of Work Per Week:

35