Director - Information Security Office (J.O#10373ier) - Repost
Last Day to Apply: December 12, 2017
Employment Type: Full Time
DIRECTOR – INFORMATION SECURITY OFFICE
INFORMATION TECHNOLOGY SERVICES DEPARTMENT
*If you previously applied during the original posting period of September 11-22, 2017 no need to reapply as all applications will still be considered. Thank you.
Guided by a new and ambitious Corporate Plan, the Toronto Transit Commission (TTC), North America’s 3rd largest transit system, has embarked on a 5-year journey to transform into a transit system that makes Toronto proud. Our ongoing recruitment efforts are strategically aligned with the TTC’s corporate mission “to provide a reliable, efficient, and integrated bus, streetcar, and subway system that draws its high standards of customer care from our rich traditions of safety, service, and courtesy”.
We are currently seeking a Director –Information Security Office.
- Developing, managing and championing the TTC’s Information Security vision and strategy, including but not limited to the creation, maintenance, and enforcement of Information Security policies, standards, processes, and procedures
- Identifying and managing risks and/or threats related to information security, crisis/incident management, privacy, and compliance
- Ensuring TTC’s adherence to the legal, regulatory and industry requirements for information security and privacy applicable to a large public sector organization
- Providing direction and leadership in the development, delivery and execution of a comprehensive information security program to support the TTC corporate strategy and mandate
- Ensuring coordination between Governance, Compliance and audit functions in the Information Security Office
- Acting as a senior consultant to the organization on security and privacy risks affecting TTC Information assets
- Recommending and rationalizing security investments for appropriate mitigating controls, and assisting business partners and senior management in setting corporate security risk tolerance level for TTC’s ITS and core business functions
- Participating in the TTC customer service Ambassador Program
- Treating passengers and employees with respect and dignity and ensuring the needs of passengers and employees with disabilities are accommodated and/or addressed (if applicable and within their area of responsibility) in accordance with the Ontario Human Rights Code and Related Orders so that they can fully benefit from the TTC as a service-provider and an employer
SKILLS, KNOWLEDGE & EXPERIENCE
- Completion of a university degree in Computer Science, or the equivalent, combined with directly related experience in a business or computer related discipline. Minimum of 10 years’ experience in a combination of risk management, Information Security and IT positions with 5 years’ experience in a management capacity with supervisory responsibilities for direct reports
- Expert level knowledge of Information Security and risk frameworks, maturity models, standards, Privacy law, relevant regulatory requirements, principles and reference architectures (ie. ISO 2700x, ITIL, COBIT, CASL, MFIPPA, PHIPA, PCI DSS, ITSG04 TRAs)
- Extensive knowledge of diverse network security architecture planning and design and security risks affecting wired and wireless networks
- Significant practical experience with application and technical architectures, designing and implementing enterprise systems as well as in analysis, design and programming
- Strong knowledge of security testing, assessments and audit methodologies and tools including but not limited to: application technology security testing (white box, black box and code review), Threat Risk Assessments, Vulnerability Assessments and PEN testing
- Strong knowledge of specialized security requirements affecting Critical Infrastructure networks and mitigating controls and standards applicable to industrial network environments
- Experience in project solution architecture, security deliverables gating in project lifecycle, and SDLC of multiple, diverse technologies and processing environments
- Must possess an industry recognized information security certification (ie. CISM, CISSP)
- Strong oral and written communication skills and strong planning, organization, critical thinking/analytical, problem-solving and conceptual skills
- You must have or rapidly acquire a comprehensive knowledge of the Ontario Human Rights Code and Related Orders including disability accommodation and accessibility requirements pertaining to passengers and employees
Annual Salary Range: $111,784.40 - $139,776 (Level 12SA) – 35 Hour Work Week
At the Toronto Transit Commission (TTC), we place a high value on establishing a workplace where people are challenged and respected every day, and we keep Toronto moving with a dedication to service, safety and convenience that is unparalleled in our industry. We invite you to join our team in delivering on our commitment to creating a transit system that makes Toronto proud.
Hiring and selection preferences are not given in the employment of an employee’s relatives. Relatives of current TTC employees cannot be hired, assigned transferred or promoted into positions, where there is a potential conflict of interest due to relationship. If you are qualified for the position for which you are applying, you will be required to disclose the name, relationship, and position of any relative who is a current TTC employee at the employment interview.
The TTC is committed to fostering a positive workplace culture with a workforce that is representative of the communities it serves. Committed to the principles of diversity and inclusion, the TTC encourages applications from all qualified applicants. Accommodation is available for applicants, including those with disabilities, throughout the recruitment process. Please contact Human Resource- Employment Services at (416) 393-4570.