Information Security Specialist

Information Security Specialist for provincial government regulatory client, downtown Toronto.

Marberg Job Number: 1837.
Job Type:  Temporary-to-Permanent.
Initial Term:  ASAP for initial 3 month term, with expectation of permanent full-time hire.
Compensation: $58.64 per hour to $68.66 per hour for assignment. Full time position offers salary between $106,725 to $125,000 per annum, plus benefits, pension, performance bonuses, and additional incentives.
Regular Work Hours: 7.0 hours per day not including unpaid 1 hour lunch break, to be worked during regular business hours, Monday to Friday (35 work hours per week). Overtime requirements during peak periods.
Work Location: Hybrid – combination of remote-based and onsite work at Client’s downtown Toronto office, on PATH, and near TTC station.  

Responsibilities Summary:  
Support organization’s information security programs, services and initiatives in alignment with business objectives, including establishment of policies and procedures to ensure organization-wide adherence with information security protocols.

• Lead and define information security compliance framework, and align with information security operations team to ensure its implementation.
• Assist with design and implementation of disaster recovery and business continuity plans, procedures, audits and enhancements.
• Develop, assess and implement information security controls, standards, policies and procedures to protect and maintain integrity of data systems 
• Provide subject matter expertise on information security frameworks and regulations, and advise information security operations team and cross-functional project team members on security threats and risk mitigations. 
• Draft policies and standards guided by the National Institute of Standards and Technology (NIST) ISO27001 and ISO27002.  
• Conduct security risk assessments.  Review information security KPI metrics.  Collaborate with regulators and information security committees to assess potential security risks, understand impacts and consequences, and discuss solutions.
• Advise on information security industry trends and issues, providing technical guidance and support on information security frameworks, programs and projects.  Advise on compliance standards, including maintenance and administration of security systems and devices.
• Align with Legal to ensure information security framework compliance with regulatory and data confidentiality requirements.
• Manage relationships with information security vendors and ensure compliance with service level agreements. 
• Provide briefing materials and additional support to information security committee meetings, and represent organization in discussions as required.
• Additional information security program responsibilities as required.

Qualifications:  
Education:  Post secondary Degree in Information Technology, Computer Science, Engineering, or equivalent discipline.
Professional Credentials: CRISC, CISM, CISA or equivalent certification preferred. ITIL and PMP certifications preferred.
Preferred Work Experience:  At least 10+ years of hands-on work experience in Information Security or Risk Management.
Required Sector Experience:  ERP level organization experience required.

Technical and Language Skills Requirements:    

• Expert level proficiency in application, network, and operating system security; security architectures; and application of privacy and security controls, including authentication, authorization, auditing, and encryption.
• Proficient English communication skills, both written and verbal, including strong business and technical writing skills, and professional verbal presentation skills.

Task -Based Qualifications and Additional Attributes:     

• Advanced understanding of application and utilization of information security controls in threat mitigation.
• Demonstrated experience conducting security reviews, implementing information security recommendations, analyzing technical controls, and applying security control standards.
• Advanced and up-to-date understanding of IT governance frameworks, security programs and roadmaps.
• Proven ability to work effectively with vendors and auditors.
• Demonstrated record of professional conduct and character. Responsible, reliable and works to deadlines. 
• Pleasant and courteous: demonstrated commitment to client service and professional representation of the organization.  
• Demonstrated ability to work well independently, collaboratively, and in an advisory capacity.  Excellent listening skills, and the ability to provide and receive effective feedback. Proficient de-escalation skills.
• Proven ability to respond to sensitive and confidential matters with tact, discretion, and excellent judgement in the interpretation and application of instructions and organization policy.
• Demonstrated ability to apply project management principles, methodologies and best practices.
• Strong relationship management skills including client and vendor relations management, business networking, negotiation, change management and consulting/advisory skills.  
• Demonstrated team leadership skills, with the ability to motivate and engage with a diverse group of internal and external stakeholders, at all levels of seniority.

Additional Requirements:    

• Must be legally entitled to work in Canada, providing satisfactory documentation upon request.
• Ability to work both remotely and onsite as required, abiding by organization health and safety policies.
• Ability to provide 3 recent, qualified employment references, who are available to speak with either Marberg or the Client promptly upon request.  
• Ability to declare personal Non-Conflict of Interest in execution of assignment responsibilities prior to assignment start.
• Ability to complete a satisfactory Provincial Government security check, including a Fingerprint Check, prior to assignment start. Please note that Marberg will reimburse for the cost of the security and fingerprint checks upon confirmation of assignment start and submission of approved expense receipts.
• Provision of certification of AODA and OHSA online training course completion prior to assignment start.
• Provision of certification of full COVID-19 vaccination series prior to assignment start.  
• Additional satisfactory Background Checks and Employment References as required.

We thank all applicants for their interest but wish to advise that only those selected for an interview will be contacted.

Please note that Marberg Staffing updates job posts regularly, and external job boards may not reflect these changes in a timely fashion. Please refer to https://marberg.com/career-portal for the most current information including salary range.

Please note that Marberg Staffing only accepts applications through Indeed.ca, LinkedIn and marberg.com.

Marberg is committed to supporting workplace diversity and inclusivity, to reflect the demographic profile of all Ontarians.  Applications are encouraged from equity seeking groups including people of colour, Indigenous people, individuals with disabilities, and people from the LGBTQ2S community.