Description

Are you a strategic IT Security professional with seasoned experience in assessing risk, developing solutions, and implementing proactive surveillance that protects information assets? Do you excel in a multi-stakeholder environment that requires advanced collaboration skills to build relationships, provide advice, and attain compliance with security procedures and policies? If so, then our IT Department has an attractive career opportunity for you. We are currently seeking an experienced IT Security Manager who will deliver service that is customer-focused, solutions-oriented, sustainable and innovative. Our diverse organization is comprised of 1500 employees across a wide variety of business areas. Located just two hours south of Calgary and close to the Rocky Mountains and U.S. border, Lethbridge is a family-oriented and culturally vibrant community with diverse recreational opportunities, fine restaurants & shopping, and home to two innovative post-secondary institutions – the University of Lethbridge and Lethbridge College.

Requirements

Reporting to the General Manager of IT, you will develop and implement strategies, controls, and policies that ensure the integrity and confidentiality of the City’s data and systems. These responsibilities will encompass three key areas of security management: Strategy & Planning; Acquisition & Deployment; and Operational Management. Within Strategy & Planning, you will be responsible for managing the overarching Information Security Program, as well as creating and maintaining security architecture design. Other responsibilities in this area will include building and maintaining the Business Continuity Plan & Disaster Recovery Plan; security awareness training programs; and metrics for performance measurement and reporting.

Acquisition & Deployment responsibilities will include researching, acquiring, testing, and maintaining security hardware and software solutions. This will include overseeing deployment, integration and configuration activities by security staff, and maintaining a current knowledge/best practices repository of information.

Operationally, you will prepare and respond to threats and incidents -- ensuring solutions are incorporated into strategic IT plans, with clearly defined service expectations. You will also supervise the design and execution of vulnerability assessments, penetration tests, and security audits; lead and coordinate security-related projects and regular security training; and supervise investigations of incidents or identified threats. Using your advanced supervisory skills, you will also provide daily direction and mentorship to an IT Security Analyst to support them in their professional growth and development.

Your professional background should include:

A commitment to delivering exemplary public service
Advanced relationship skills that are collaborative, responsive and supportive
A post-secondary degree in Information Technology -- complemented by proficient skills in information security management frameworks, and IT governance best practices (e.g. ITIL, HDI, COBIT)
10+ years of general IT experience, with extensive experience (5+ years) in an IT Security role -- preferably in a public sector environment (other combinations of education and experience may be considered)
Current certification in CISSP, CISM, CISA, CEH or GPEN, with a commitment to working toward multiple security certifications
A strong business orientation, with demonstrated ability to be innovative and strategic to solve business issues while also managing costs, security, and risk
Extensive experience in:
- Enterprise security architecture design, document creation, and security training
- Business Continuity & Disaster Recovery plan development
- Metrics development and reporting
- Successfully planning and executing security-related project
- Superior analytical skills, with significant risk identification and mitigation experience
- Advanced verbal and written communication skills, including report writing, business case development, and presentation skills
- Proficient project management experience (a PMP designation will be considered an asset)
- Success in leading, managing, and empowering a team in an environment of frequent change and innovation
- Current knowledge of best practices in IT Security
- The ability to successfully manage and adapt to multiple priorities on a daily basis
- Budget preparation and management skills