Apply now »

Systems and Security Technical Lead

Date Posted: 01/30/2025
Req ID:41494
Faculty/Division: Faculty of Arts & Science
Department: Citizen Lab
Campus: St. George (Downtown Toronto)

 

Description:

About us:

The Faculty of Arts & Science is the heart of Canada’s leading university and one of the most comprehensive and diverse academic divisions in the world. The strength of Arts & Science derives from our combined teaching and research excellence in the humanities, sciences and social sciences across 29 departments, seven colleges and 46 interdisciplinary centres, institutes and programs.

We can only realize our mission with the dedication and excellence of engaged staff and faculty. The diversity of opportunities and perspectives within the Faculty reflect the local and global landscape and the need for curiosity, innovative thinking and collaboration. At Arts & Science, we take pride in our legacy of innovation and discovery that has changed the way we think about the world.

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research, development, and high-level strategic policy and legal engagement at the intersection of information and communication technologies, human rights, and global security. The Lab uses a “mixed methods” approach to research combining practices from political science, law, computer science, and area studies. Our research includes investigating digital espionage against civil society, documenting Internet filtering and other technologies and practices that impact freedom of expression online, analyzing privacy, security, and information controls of popular applications, and examining transparency and accountability mechanisms relevant to the relationship between corporations and state agencies regarding personal data and other surveillance activities.

 


Your opportunity:

Reporting to the Director of Administration, Citizen Lab and working under the general direction of the Director, Citizen Lab in coordination with the University of Toronto’s Chief Information Security Officer (CISO), the Systems and Security Technical Lead is responsible for working with Information Technology staff and resources at Citizen Lab and the wider University to minimize risk of the compromising of information, data, servers, and server-based applications.  Work is done in the context of existing policy, guidelines and applicable legislation in a fluid, consultative environment.

 

The Systems and Security Technical Lead assumes responsibility for the strategic and tactical planning and provision of systems security, confidentiality, privacy and risk management in the areas of systems administration, server and service design, implementation, operation and support. The Systems and Security Technical Lead is responsible for developing, updating, implementing, promoting and training the community on the Citizen Lab’s Information Security Program. The Systems and Security Technical Lead is instrumental in ensuring reliable and robust access controls, service availability, and activity / incident reporting. The Systems and Security Technical Lead applies known security standards as well as establishes new security standards and best practices related to the use and operation of information technology solutions, systems, servers, network services solutions and proposes strategies by which those standards and best practices are implemented, tested and confirmed on a regular basis.

 

The Systems and Security Technical Lead works to support and undertake forensic audits of IT systems and services whose access control mechanisms have been compromised or circumvented, both within and from outside of the University working with the I+TS Information Security and Enterprise Architecture (ISEA) unit as well as external auditors when required. The Systems and Security Technical Lead reviews and performs detective auditing of the Citizen Lab Systems Administrators and other privileged IDs for all Citizen Lab systems and servers, actively monitors threats; works to ensure systems, servers and computing solutions administered by the Citizen Lab are secure, with uncompromised access.   

 

The Systems and Security Technical Lead acts as a project manager for IT projects that fall within areas related to Information Security or projects, which include confidential and restricted information following the security standards and best practices for Identity and Access Management, Information Disclosure, Information Integrity, Business Continuity and Protection of Privacy.  

 

The Systems and Security Technical Lead reviews the performance of security controls, and effectiveness of projects to achieve the security goals of Citizen Lab, in the context of the University. The Systems and Security Technical Lead is also responsible for the initiation, specification and assessment of a wide variety of contracts covering information security related hardware, software, support and services. The  Systems and Security Technical Lead tables proposals to augment and/or improve services delivered and participates in reviewing proposals from others, using in-depth technical expertise and a teamwork approach to organizational issues in daily day-to-day developments and in tactical and strategic planning efforts.

 

 

Essential Qualifications:

 

EDUCATION:

University degree in a relevant field, (e.g. Computer Science, Engineering), or equivalent combination of education and experience.

 

EXPERIENCE:

 

  • Six (6) years working in an Information Technology environment, including at least two years working with Information Security as a significant focus of activity.
  • Requires broad and in depth knowledge of industry innovations and state-of-the-art technology in both computing and networking arenas.
  • IT Security certifications held or in progress is an asset. High performance computing systems management and networking is highly desirable. 
  • Expert understanding of client and server application deployment and support.
  • Strong understanding of client and server activity tracking. 
  • Strong understanding of IT Architecture concepts and security methodologies.
  • Experience auditing systems for compliance (PCIDSS, PA-DSS, etc.).
  • Experience drafting information security standards and guidelines, assessing risk management and determining controls.
  • Experience in administering enterprise-level Unix-based server applications. 
  • Strong Scripting skills required including Shell and interpreted languages.
  • Experience with application / scripting tools (bash, Python).
  • Experience configuring databases and database-backed applications (SQL Server, MySQL).
  • Extensive experience using network and security analysis tools.
  • Extensive experience with intrusion detection and prevention – host and network, active and passive.
  • Experience in selecting, configuring and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).
  • Experience running penetration testing and vulnerability scanning (Metasploit, Nessus, etc.).
  • Experience with deploying, configuring and securing virtualized environments, and services running in it. 

 

SKILLS:

  • Expert level understanding of the Linux operating systems at both server and client level.
  • Comprehensive knowledge of TCP/IP networking and client-server architecture and protocols.
  • Strong understanding of network configuration, hardware and next-gen firewall/IPS technologies (Cisco ASA, Juniper, Fortinet, Palo Alto)
  • Expert level understanding of the following access control technologies – LDAP and Kerberos.
  • Expert knowledge of Virtual Private Networks (VPNs). Expert knowledge of Encryption technologies at network, file and file-system levels.
  • Strong understanding of cryptographic certificates and the operation of certificate authorities.
  • Excellent communication, instruction and presentation skills. 
  • Able to describe a variety of complex technical concepts or policies to users and senior leadership at all technical experience levels and to deliver security awareness and education content to faculty, staff and students.

 

OTHER:

 

  • Ability to work under pressure of high volume and expectations, while meeting multiple deadlines for multiple projects;
  • strong service orientation coupled with ability to recognize and assess the operational significance of a problem, control/mitigate the risk and set priorities accordingly.
  • Strong ability to assess risks and controls of computing systems and operations.
  • Demonstrated broad knowledge of information technology, network technologies, databases and application development.
  • Strong ability and willingness to work effectively as a team leader and team member; must be able to collaborate and cooperate with team members, project sponsors, other stakeholders.
  • Ability to lead team members of varying levels and skills. Must be able to deal calmly and effectively with a variety of people.
  • Demonstrated ability to exercise sound judgment, tact and diplomacy.
  • Ability to effectively navigate a professional and political climate including assessing the requirement to escalate and issue to more senior levels of management or resources; ability to maintain a high level of confidentiality.
  • Ability and willingness to learn new systems, technologies and project management methods and tools.

 

 

Closing Date: 02/20/2025,11:59PM ET
Employee Group: Salaried 
Appointment Type: Grant - Continuing 
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 3 -- Hiring Zone: $91,937 - $107,259 -- Broadband Salary Range: $91,937 - $153,227
Job Category: Information Technology (IT)

All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority.

Diversity Statement

The University of Toronto embraces Diversity and is building a culture of belonging that increases our capacity to effectively address and serve the interests of our global community. We strongly encourage applications from Indigenous Peoples, Black and racialized persons, women, persons with disabilities, and people of diverse sexual and gender identities. We value applicants who have demonstrated a commitment to equity, diversity and inclusion and recognize that diverse perspectives, experiences, and expertise are essential to strengthening our academic mission.

As part of your application, you will be asked to complete a brief Diversity Survey. This survey is voluntary. Any information directly related to you is confidential and cannot be accessed by search committees or human resources staff. Results will be aggregated for institutional planning purposes. For more information, please see http://uoft.me/UP.

Accessibility Statement

The University strives to be an equitable and inclusive community, and proactively seeks to increase diversity among its community members. Our values regarding equity and diversity are linked with our unwavering commitment to excellence in the pursuit of our academic mission.

The University is committed to the principles of the Accessibility for Ontarians with Disabilities Act (AODA). As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities.

If you require any accommodations at any point during the application and hiring process, please contact uoft.careers@utoronto.ca.


Job Segment: Compliance, Information Security, Risk Management, Computer Science, Drafting, Legal, Technology, Finance, Engineering

Apply now »