City of Toronto
Oct 9 2020 - Oct 23-2020
To provide senior level technical and business advice, support and services to all City's divisions, Agencies and Corporations on Cyber Diplomacy & Governance projects, programs and initiatives to support the execution of the Chief Information Security Officer's (CISO) mandate, cyber vision and strategy.
To organize, coordinate, execute, and deliver cyber security projects/programs/initiatives, working in collaboration with multiple teams across the organization.
To provide expertise, guidance and operational support to develop and execute the strategy, goals, and objectives of the cyber awareness and training program.
- Develops and executes the strategy,
goals, and objectives for the cyber awareness and training program.
- Provides expertise in cyber awareness training, security-related threats, risks, practices and capabilities to address them in order to effectively design, develop and deliver training programs/products/services.
- Develops and implements a positive and progressive program that engages employees, contractors and vendors and reduces the human risk factors, and influences behavioral and cultural changes.
- Creates highly effective and engaging educational content using a wide variety of content formats, different distribution techniques, and engagement with internal businesses to ensure the program has the greatest reach possible, captures attention aligned to strategic initiatives and education initiatives.
- Sustains and improves the awareness program by staying up to date on current and emerging techniques, and participating in industry events.
- Promotes awareness of information security policies through the creation and maintenance of an online presence that is intuitive to use, provides engaging activities to reinforce behaviors, and serves as a central repository for security guidance and references.
- Maintains information to ensure content is kept updated and reflects changing requirements within the organization and changes in cyber security and information technology risk.
- Leads a broad set of activities, including: drafting publications, creating and managing website content, facilitating marketing campaigns, scheduling meetings, creating timelines and infographics; and helping to plan outreach, awareness, and educational events.
- Evaluates the effectiveness of existing information security training, education, and awareness program/activities.
- Creates a metrics framework that can effectively measure engagement, behaviors, and impact.
- Reviews and implements management's action plans for cyber awareness assessments.
- Develops and implements detailed plans and recommends cyber security policies/procedures regarding program specific requirements.
- Leads, coordinates, and executes assigned projects, ensuring effective teamwork and communication, high standards of work quality and organizational performance and continuous learning.
- Supervises the day to day operation of all assigned project staff and contract resources, including the scheduling, assigning and reviewing of work. Motivates and trains assigned staff. Coordinates vacation and overtime requests. Monitors and assists in evaluating staff performance, hears grievances and recommends disciplinary action when necessary.
- Provides guidance, advice, and direction to assigned project teams and contract resources to meet objectives.
- Works with Senior Specialists on large, complex projects, providing project coordination support, technical advice and guidance.
- Conducts research into assigned area ensuring that such research takes into account developments within the field, corporate policies and practices, legislation and initiatives by other levels of government.
- Ensures that project expenditures are controlled and maintained within approved budget limitations.
- Engages with teams across the organization to build alignment on key projects and initiatives and assists in developing execution roadmaps.
- Provides expertise in processes, procedures, and best practices in order to effectively deploy cyber projects, programs and initiatives.
- Assesses cyber security requirements of business strategies in order to provide appropriate advice, guidance, and technical solutions.
- Reviews, and facilitates approvals of security strategies within industry-accepted frameworks.
- Provides guidance in the evaluation, selection and recommendation of technical solutions and professional services. Identifies and evaluates emerging security technologies.
- Resolves cyber risk issues. Escalates significant cyber risk matters to senior management when required.
- Participates in defining program scope, develops and recommends guidelines, obtains business and information technology sponsor approvals, and coordinates the resources necessary to successfully complete the program initiatives.
- Monitors projects and coordinates cross-project activities ensuring controls are consistent with project and operational needs.
- Participates in all phases of projects or subsystems of major projects from inception through completion.
- Executes end-to-end delivery of activities throughout the lifecycle for assigned programs/projects/initiatives, in alignment with the change management strategy and business objectives.
- Works collaboratively with project managers/teams across the organization to ensure key change management activities are integrated into the overall project plan and executed on time and budget.
- Generates program metrics to communicate major milestones, identifies potential project risks, provides direction to the project team, conducts regular status meetings to review project activities, and communicates timely updates to leadership.
- Communicates effectively to stakeholders, clients, project managers, supervisors and team members regarding any business and technical decisions and actions that may impact solution delivery, staff performance, business processes, management workflow and technical support of public services.
- Prepares materials (memos, briefing notes, staff reports, presentations, charts, etc.) to effectively communicate findings and recommendations to a variety of stakeholders.
- Deals with confidential information affecting the organization and its resources. Prepares and presents reports to management supporting recommendations on changes/improvements in business processes, training and services standards that impact appropriate staffing levels and resource allocation. Makes recommendations based on investigation results which could lead to the discipline or dismissal of staff.
- Participates in the development, implementation, administration, monitoring and maintenance of security tools collecting confidential information on infrastructure and application weaknesses Maintains up to date knowledge of City's confidential cyber infrastructure.
- Works with senior management within the division to address active internal/external cyber threats to the City. Attends senior management meetings, makes recommendations to mitigate the threats, and takes appropriate urgent action as needed.
- Provides confidential assessments of organizational issues and makes recommendations for next steps, including policy, procedural and structural change.
- Ensures program management of project closeout to include coordination and completion of all technical, operational, procurement, and budgeting tasks.
- Applies change, risk and resource management and maintains control of deadlines, budgets and activities related to projects.
- Takes a proactive approach to manage issues and corrective actions and resolve program issues/project challenges.
- Establishes professional relations with clients to ensure client satisfaction.
- Ensures business process interactions with the service provider are effective and efficient.
- Reviews current processes for procurement and make recommendations where appropriate.
- Anticipates, analyzes and identifies organizational impacts of emerging requirements; recommends and coordinates innovative solutions using conflict resolution and negotiation skills to successfully manage sensitive and controversial matters.
- Provides project coordination and management support, and ensures comprehensive and effective information communication across various functional and project team.
- Organizes and works with multidisciplinary business and technical teams from across the organization to formulate and execute project plans and tasks according to established project management principles and methodologies.
- Maintains accurate reporting of key risk metrics and associated measurements in alignment with the cyber risk appetite.
- Prepares cyber risk management reports leveraging cyber risk subject matter expertise.
- Maintains an up-to-date and in-depth knowledge of cyber security, emerging threats, trends, and associated techniques and technologies as well as key business drivers and opportunities.
- Post-secondary degree in Business or Technology or a related discipline, and/or equivalent experience
- Extensive experience in cyber awareness training.
- Extensive experience in cyber awareness training program development for large and complex organization which includes instruction development and design, learning management, or other applicable experience.
- Experience in the design, development, and delivery of training product and services delivered through multiple modalities (e.g., print, web, video, classroom, etc.).
- Experience in developing metrics and provide analysis to measure effectiveness of cyber awareness programs.
- Foundational understanding of security-related threats and risks, as well as practices and capabilities to address them.
- Strong knowledge of effective security practices in a large, complex environment and awareness of general security-related training requirements within this environment.
- Ability to work in transformative programs
- Ability to lead efficient communication between all project stakeholders, including internal teams and clients
- Ability to achieve business objectives through influencing and effectively working with key stakeholders
- Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors).
- Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
- Keen attention to detail and strong organizational skills.
- Strong analytical skills and ability to prioritize and multitask.
- Ability to work in transformative programs.
- Preferred Certification: CISSP
Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.
Terms: Permanent Position Annual Salary Range: $100,000 - $130,000 Job Description Boxfish Infrastructure Group (BIG) is seeking an experienced Rail Modeling & Operations Analystto use industry [...]
Uberflip is a marketing technology company founded in 2012 with 135+ employees and headquarters in Toronto. Customer-facing teams use the Uberflip platform for packaging marketing collateral into mi [...]
While people dream of a better energy future, Peak Power is building it. Founded in 2015, Peak has developed a comprehensive software platform that alleviates strain on the electricity grid and drives [...]
Are you interested in playing a role in conserving Ontario's cultural heritage? The Heritage, Tourism and Culture Division, requires your specialized knowledge and skills in the field of archaeolog [...]