Job Description
Job Title: Sr. Security Advisor (Operations)Location: Toronto, ON (with minimal travel within the GTA)Type: 12 month contract with strong potential of a further 6 month extensionRole Overview: -Perform security assessments and security design work within IT related projects. -This includes SAP Security and role design -Work with 3rd party outsourcers to review project plans, deliverables, solution design, tools and development methods for information security risks, track those risks to closure, and interface with project sponsors-Help to drive the security program forward to increase the visibility of security to upper management. Responsibilities:-Attend project reviews as required, including assessment of Project Orders, RFP’s, Business Cases and Service Requirement Documents (SRD’s) -Ensure security requirements for the project are defined and captured -Provide risk management guidance and advice -Provide security architecture expertise to the project -Develop an enterprise vulnerability management program -Develop security statistical reports for management -Utilize established Business Information Technology’s 5 Stage Project Methodology to: -Manage IT Security Sponsored Projects: -Ensure requirements for the project are defined and captured -Manage resource allocation and timeline -Catalogue and manage costs for project build and sustainment -Manage communication of project objectives and deliverables to appropriate stakeholders -Manage resources used to deliver the project -Manage or co-manage IT Security Operations -Interdependently manage security incident response with outsourcers -Lead in the development of the enterprise vulnerability management program execution -Manage IT Security change control approvals and related obligations -Participate in weekly Architecture and Security planning and status meetings -Provide updates regarding project risks and status Skills and Experience -Education: BA or BSC in Computer Science, Engineering or equivalent working experience -CISSP and SANS security designations are preferable -15 years of experience in IT, with a strong technical background -10 years of experience in IT Security with a focus on security operations management -2 years of experience in IT Security Management or IT Security Compliance -2 years of experience with identity and access management (role design) -Experience working in an outsourced environment -5 years Experience working in and designing an enterprise class Security Operations Centre (SOC) -Strong document writing skills -Previous experience in the Power System industry would be an asset -Strong management skills including a proven, results orientated focus-Highly organized with a strong understanding of security and compliance frameworks like ISO27002 and or NERC -Superior Client Service Orientation – desire to help or serve the business to meet their needs -Solid Team leadership and mentoring skills Technology Experience Component Product / Technology Enterprise Server HP Itanium – HP-UX IBM P5 – AIX HP/IBM – Linux/Windows Microsoft Window Server – 2000, 2003, & 2008 Storage HP Storage Works XP / SAN Database Oracle, SQL , DB2 Enterprise Data Warehouse BI/BW, Cognos Desktop Operating System Microsoft Windows XP Security Policies/Procedures Intrusion Detection Virus Scan Identity and Access Management (Role design) Terminal Services Citrix Presentation Server Middleware Technologies BEA, Netweaver