Manager, IT Security

  • Edmonton, AB, Canada
  • Full-time

Company Description

Edmonton International Airport is a self-funded, not-for-profit corporation whose mandate is to drive economic prosperity for the Edmonton Region. EIA is Canada’s fastest-growing major airport over the past 10 years, the fifth-busiest airport by passenger traffic and the largest major Canadian airport by land area. EIA offers non-stop connections to more than 60 destinations across Canada, the US, Mexico, the Caribbean and Europe. At EIA you become part of a tightly knit team, working in a supportive environment, dedicated to fulfilling our vision of more flights to more places.

Job Description

POSITION RESPONSIBILITIES:

Reporting to the Operations SBU, Director, Information Technology, the Manager, IT Security is a member of the Information Technology Management Team. This position is focused on IT Security, assessment and compliance activities across all the IT related disciplines, both Corporate IT & Airport IT, and is the primary point of contact related to managing the Airport’s cyber security risk exposure.

POSITION ACCOUNTABILITIES:

·         Create and manage a strong team of Stratum 1 employees, including determination of optimal numbers, recruitment, retention, and development.

·         Ensure the delivery of optimal results against appropriate performance metrics. Including: progress related to maturity assessments based on NIST-CSF (National Institute of Standards and Technology – Cyber Security Framework), user “participation” in IT Security Training and “susceptibility ratings” to phishing or social engineering by Edmonton Airports Staff, Network Penetration testing and vulnerability scanning, PCI-DSS (Payment Card Industry Data Security Standard) certifications on both the Campus Area Network (service provider) as well as Parking Systems (merchant).

·         Development of IT Security Governance and Policy recommendations including the Procedures, Controls and Measurements & Metrics to adequately mitigate any related risk exposures resulting from the use of technology.

·         Utilize tools related to monitoring of the Security Operations of the IT Environment (including but not limited to Security Information & Event Management, Dark Trace Enterprise Immune System, Windows Defender Security Center, Microsoft “Sure Score” evaluations of the Windows & Office 365 cloud environments, Crowdstrike Falcon Overwatch, SHODAN vulnerability scanning) and follow-up with the various IT Teams & Management to ensure that any identified discrepancies are promptly addressed.

·         Maintain an IT Risk Register, aligned with the Corporate Enterprise Risk Management Framework and Integrated Assurance activities lead by Risk, General Council & Governance SBU. This includes bi-monthly (every 2 weeks) scheduled “check in” meetings with the Manager, Internal Audit and Risk Assurance. Meeting topics would include progress on any internal or third-party assurance work, new technologies coming into production, risk identification and assessment.

Qualifications

POSITION REQUIREMENTS:

·         Bachelor’s Degree in Computer Science, Engineering or equivalent post secondary education and direct IT industry work experience

·         Leadership Development Program certificate or equivalent training to enhance leadership skills

·         Relevant technical Cyber Security Certifications such as SANS Systems and Network Auditor (GSNA) or Information Security Professional (GISP) or Certified Information Systems Security Professional (CISSP) certifications required

·         Relevant leadership Cyber Security Certifications such as SANS GIAC Security Leadership (GSLC) or Certified Information Security Manager (CISM) certifications considered an asset

·         Experience working in Audit, Compliance, Quality Assurance or equivalent capacity

·         Direct experience with Contract Management negotiation and ensuring deliverables

·         Direct experience with Budgeting and Program/Project Management

·         Ability to secure and maintain appropriate airport security clearance and acceptable criminal record check is required.

Applicants from this competition may be utilized to fill future vacancies of a similar nature

Additional Information

Manager, IT Security

1 Full-Time, Permanent Position; Poster #2018-32

REPORTS TO:        Director, Information Technology

BAND:                    Excluded

SALARY:                Commensurate with experience

POSTING DATE:   July 27, 2018 (External)

CLOSING DATE:   Until a suitable candidate is found