Information Security Specialist

About The Position

Requirements

• University degree in Computer Science, Engineering or equivalent combination of education and experience.
• Minimum 7 years of Information security experience in a heterogeneous environment, with a broad range of platforms and technologies, including at least 2 years working with Information Security as a significant focus of activity.
• Minimum 3 years of progressive experience in creating, implementing and maintaining Information Security technologies and platforms.
• Excellent understanding of security tools and technologies such as firewall, IDS/IPS, SIEM, EDR, etc., used to protect on-prem or cloud infrastructure.
• Expert proficiency in security frameworks and foundational networking/OS security (Zero Trust concepts, TCP/IP, VPNs, Windows/Linux/Unix hardening).
• Experience with scripting (Python, Bash) to automate security tasks.
• Extensive experience leveraging network and security analysis tools for deep packet inspection, forensic analysis, and advanced troubleshooting.
• Experience in selecting, configuring, and deploying service misuse detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).
• Experience running penetration testing and vulnerability scanning (Metasploit, Nessus, etc.).
• Experience drafting information security standards and guidelines, assessing risk management, and determining controls.
• Experience performing security assessments of infrastructure (cloud and on-premise), applications and websites.
• Able to think strategically about change and new solutions.
• Excellent oral and written communication and presentation skills.
• Strong analytical and problem-solving skills.
• Ability to prioritize and reprioritize work as required.
• Collaboration and teamwork.
• Thirst for knowledge, self-education and research.
• Strong planning and organization skills.
• Ability to work under pressure of high volume and expectations, while meeting multiple deadlines for multiple projects.
• Strong service orientation coupled with the ability to recognize and assess the operational significance of a problem, control/mitigate the risk and set priorities accordingly.
• Strong ability to assess risks and controls of computing systems and operations.
• Demonstrated broad knowledge of information technology, instructional technology, classroom technology, audiovisual technologies, digital signage, network technologies, databases and application development.
• Strong ability and willingness to work effectively as a team leader and team member; must be able to collaborate and cooperate with team members, project sponsors, and other stakeholders.
• Ability to lead team members of varying levels and skill sets, including Professional/Managerial as well as staff.
• Must be able to deal calmly and effectively with a variety of people.
• Demonstrated ability to exercise sound judgment, tact and diplomacy.
• Ability to effectively navigate a professional and political climate, including assessing the requirement to escalate and issue to more senior levels of management or resources or bodies outside the Faculty; ability to maintain a high level of confidentiality.
• Ability and willingness to learn new systems, technologies and project management methods and tools.

Nice To Haves

• CISSP and other security certifications are a strong asset.
• Previous experience in the implementation and management of security tools is a strong asset.
• IT Security certifications held or in progress are an asset.

Responsibilities

• Implementing, managing and optimizing information security platforms designed to protect data and systems, prevent unauthorized access, and respond effectively to potential threats.
• Acting as a subject matter expert in the implementation of security controls across a range of technologies and ensuring these controls address IT requirements in an ever-evolving threat landscape.
• Working closely with IT teams and other departments to ensure security best practices are integrated into daily operations and projects.
• Configuration, maintenance, and tuning of security tools – including SIEM, EDR, PAM, MDM, Firewall, vulnerability scanner, and intrusion prevention/detection systems – to ensure proactive threat detection and mitigation.
• Monitoring security alerts and dashboards, responding to suspicious activities, and optimizing system effectiveness for timely and accurate threat detection.
• Performing information security incident response in situations where systems or applications have been breached either internally or through external attacks.
• Gathering required forensic data in collaboration with relevant teams in instances of employee-related breaches and misconduct, and of potential IT-related criminal activity, partnering with relevant UTM departments, such as Campus.