City of Toronto

City Division: Office of the CISO

Work Location: Metro Hall, 55 John Street

Job Type & Duration: Full Time, Permanent

Salary: $103,303.20 to $121,368.00

Shift Information: Monday to Friday, 40 Hours per Week

Affiliation: Non-Union

Number of Positions Open: 1

Posting Closing: Oct 28 2020

To provide senior level technical and business advice, support and services to all City's divisions, Agencies and Corporations on Cyber Diplomacy & Governance projects, programs and initiatives to support the execution of the Chief Information Security Officer's (CISO) mandate, cyber vision and strategy.

To organize, coordinate, execute, and deliver cyber security projects/programs/initiatives, working in collaboration with multiple teams across the organization.

To provide expertise, guidance and operational support in cyber program management.

Major Responsibilities:

• Ensures consistent delivery of highly available and high-quality services through the creation, monitoring and enforcement of Service Level Agreements and contractual performance objectives.
• Formulates consolidated budget for cyber programs on both a long and short term basis based on priorities and needs.
• Plans and coordinates efforts of analysts as the primary representative on financial management related matters.
• Develops and implements detailed plans and recommends cyber security policies/procedures regarding program specific requirements.
• Leads, coordinates, and executes assigned projects, ensuring effective teamwork and communication, high standards of work quality and organizational performance and continuous learning.
• Supervises the day to day operation of all assigned project staff and contract resources, including the scheduling, assigning and reviewing of work. Motivates and trains assigned staff. Coordinates vacation and overtime requests. Monitors and assists in evaluating staff performance, hears grievances and recommends disciplinary action when necessary.
• Provides guidance, advice, and direction to assigned project teams and contract resources to meet objectives.
• Works with Senior Specialists on large, complex projects, providing project coordination support, technical advice and guidance.
• Conducts research into assigned area ensuring that such research takes into account developments within the field, corporate policies and practices, legislation and initiatives by other levels of government.
• Ensures that project expenditures are controlled and maintained within approved budget limitations.
• Engages with teams across the organization to build alignment on key projects and initiatives and assists in developing execution roadmaps.
• Provides expertise in processes, procedures, and best practices in order to effectively deploy cyber projects, programs and initiatives.
• Assesses cyber security requirements of business strategies in order to provide appropriate advice, guidance, and technical solutions.
• Reviews, and facilitates approvals of security strategies within industry-accepted frameworks.
• Provides guidance in the evaluation, selection and recommendation of technical solutions and professional services. Identifies and evaluates emerging security technologies.
• Resolves cyber risk issues. Escalates significant cyber risk matters to senior management when required.
• Participates in defining program scope, develops and recommends guidelines, obtains business and information technology sponsor approvals, and coordinates the resources necessary to successfully complete the program initiatives.
• Monitors projects and coordinates cross-project activities ensuring controls are consistent with project and operational needs.
• Participates in all phases of projects or subsystems of major projects from inception through completion.
• Executes end-to-end delivery of activities throughout the lifecycle for assigned programs/projects/initiatives, in alignment with the change management strategy and business objectives.
• Works collaboratively with project managers/teams across the organization to ensure key change management activities are integrated into the overall project plan and executed on time and budget.
• Generates program metrics to communicate major milestones, identifies potential project risks, provides direction to the project team, conducts regular status meetings to review project activities, and communicates timely updates to leadership.
• Communicates effectively to stakeholders, clients, project managers, supervisors and team members regarding any business and technical decisions and actions that may impact solution delivery, staff performance, business processes, management workflow and technical support of public services.
• Prepares materials (memos, briefing notes, staff reports, presentations, charts, etc.) to effectively communicate findings and recommendations to a variety of stakeholders.
• Deals with confidential information affecting the organization and its resources. Prepares and presents reports to management supporting recommendations on changes/improvements in business processes, training and services standards that impact appropriate staffing levels and resource allocation. Makes recommendations based on investigation results which could lead to the discipline or dismissal of staff.
• Participates in the development, implementation, administration, monitoring and maintenance of security tools collecting confidential information on infrastructure and application weaknesses Maintains up to date knowledge of City's confidential cyber infrastructure.
• Works with senior management within the division to address active internal/external cyber threats to the City. Attends senior management meetings, makes recommendations to mitigate the threats, and takes appropriate urgent action as needed.
• Provides confidential assessments of organizational issues and makes recommendations for next steps, including policy, procedural and structural change.
• Ensures program management of project closeout to include coordination and completion of all technical, operational, procurement, and budgeting tasks.
• Applies change, risk and resource management and maintains control of deadlines, budgets and activities related to projects.
• Takes a proactive approach to manage issues and corrective actions and resolve program issues/project challenges.
• Establishes professional relations with clients to ensure client satisfaction.
• Ensures business process interactions with the service provider are effective and efficient.
• Reviews current processes for procurement and make recommendations where appropriate.
• Anticipates, analyzes and identifies organizational impacts of emerging requirements; recommends and coordinates innovative solutions using conflict resolution and negotiation skills to successfully manage sensitive and controversial matters.
• Provides project coordination and management support, and ensures comprehensive and effective information communication across various functional and project team.
• Organizes and works with multidisciplinary business and technical teams from across the organization to formulate and execute project plans and tasks according to established project management principles and methodologies.
• Maintains accurate reporting of key risk metrics and associated measurements in alignment with the cyber risk appetite.
• Prepares cyber risk management reports leveraging cyber risk subject matter expertise.
• Maintains an up-to-date and in-depth knowledge of cyber security, emerging threats, trends, and associated techniques and technologies as well as key business drivers and opportunities.

• Post-secondary degree in Business or Technology or a related discipline.
• Considerable experience in Information Security and program delivery.
• Considerable project management experience in deploying security-related initiatives.
• Experience working in transformative programs.
• Strong understanding of project management techniques and methods.
• Preferred Certifications (any in the list): CISSP, PMP.

Skills:

• Ability to work in transformative programs.
• Ability to lead efficient communication between all project stakeholders, including internal teams and clients
• Ability to achieve business objectives through influencing and effectively working with key stakeholders
• Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors).
• Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
• Keen attention to detail and strong organizational skills.
• Strong analytical skills and ability to prioritize and multitask.

A normal work week is 40 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

Accommodation
The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.