Job Summary
We are seeking a highly skilled and experienced CIT Information Security Lead to oversee and enhance our organization's cybersecurity posture. The ideal candidate will be responsible for developing, implementing, and managing security protocols to protect our IT infrastructure, cloud environments, and data assets. This role requires a strong understanding of network security, incident response, system administration, and compliance standards such as ISO 27000 and PCI. The CIT Information Security Lead will lead security initiatives across diverse platforms including UNIX, Linux, Windows, AWS, Azure, and Google Cloud Platform, ensuring robust defense mechanisms against cyber threats.
Responsibilities
- Develop and enforce comprehensive information security policies aligned with industry standards such as ISO 27000, COBIT, and PCI compliance.
- Lead incident response efforts by identifying vulnerabilities, analyzing security breaches, and coordinating remediation strategies utilizing SIEM tools like Splunk.
- Oversee network security operations including firewall management, IDS/IPS deployment, VPN setup, load balancing, and network monitoring across LAN/WAN environments.
- Manage identity & access management systems including Active Directory, LDAP, PKI, and authentication protocols to ensure secure user access.
- Conduct vulnerability research and system security assessments on various operating systems including UNIX, Linux, Windows, macOS, and cloud infrastructure platforms such as AWS and Google Cloud.
- Implement encryption solutions and manage Public Key Infrastructure (PKI) to safeguard sensitive data in transit and at rest.
- Collaborate with DevOps teams to integrate security into SDLC processes using CI/CD pipelines and scripting languages like Python, PowerShell, Shell Scripting.
- Monitor emerging cybersecurity threats related to Internet of Things (IoT), cloud architecture, and computer networking to proactively defend organizational assets.
- Lead disaster recovery planning and system forensics investigations to ensure business continuity in the event of security incidents.
- Stay current with evolving cybersecurity trends by researching vulnerabilities related to TCP/IP protocols, DNS/DHCP configurations, load balancing techniques, and cloud computing architectures.
Requirements
- Bachelor’s degree in Computer Science or a related field; advanced certifications such as CISSP or CISA are preferred.
- Proven experience in information security management within enterprise IT environments.
- Strong knowledge of network protocols including TCP/IP, TCP/UDP sockets programming, IPsec VPNs, DNS/DHCP services.
- Hands-on experience with SIEM tools (e.g., Splunk), IDS/IPS systems (e.g., Juniper), firewalls (e.g., Citrix), and system administration across UNIX/Linux/Windows platforms.
- Proficiency in scripting languages such as Python, PowerShell, Shell Scripting for automation purposes.
- Familiarity with cloud infrastructure services including AWS (EC2, S3), Azure (VMs), Google Cloud Platform (GCP), PaaS/IaaS models.
- Knowledge of cybersecurity frameworks like ISO 27000 series standards and COBIT best practices.
- Experience with vulnerability research methodologies and computer forensics techniques.
- Ability to work collaboratively within an Agile environment while managing multiple projects simultaneously.
- Strong analytical skills with attention to detail in identifying potential security risks before they materialize.
This position offers an opportunity to lead critical cybersecurity initiatives within a dynamic organization committed to maintaining the highest standards of information protection.
Pay: $115,000.00 per year
Benefits:
- Company events
- Employee stock purchase plan
- On-site parking
- Paid time off
- Profit sharing
- RRSP match
- Work from home
Work Location: Hybrid remote in Markham, ON