Torstar Corporation is a broadly-based media company. Its businesses include the Toronto Star, Canada’s largest daily newspaper, six regional daily newspapers in Ontario including The Hamilton Spectator, and more than 70 weekly community newspapers in Ontario; flyer distribution services; and digital properties including thestar.com (with local editions in Toronto, Vancouver, Calgary, Edmonton, Winnipeg, Ottawa and Halifax), wheels.ca, toronto.com, save.ca, a number of regional online sites. Torstar also holds a majority interest in VerticalScope, a North American vertically-focused digital media company.

The Toronto Star is Canada’s largest daily newspaper and is read in print and across desktop, mobile and tablet platforms by more than 6 million readers every week. Online, thestar.com is one of the most-visited newspaper websites in Canada.

Diversity & Inclusion
Torstar is an equal opportunity employer committed to diversity and inclusion. Torstar is committed to ensuring employment opportunity to qualified applicants without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, creed, sex, sexual orientation, gender identity, gender expression, marital status, family status or disability or any other factor protected by law.

PURPOSE: 

The Network Security Operation Lead role is part of the Torstar Information Technology group accountable to the Senior Manager, Information Security & IT Governance. The secure operation of the computer systems, servers, and network connections is an integral part of the service delivery mandate of the IT Group. The Network Security Operations Lead plays a key role in this mandate by providing technical guidance, implementing changes, and analyzing network-related threats and vulnerabilities.

Specifically, the Network Security Operation Lead will closely work with our infrastructure, business solution, third parties, and cloud technology group to define network security designs (On-Premise, Azure, and AWS) and proactively diagnose and resolve related network security problems. In addition, the Network Security Operation Lead will work in conjunction with several Managed Security & Network Service Providers to establish best practices, process efficiencies and to surpass service level agreement measurements.

KEY RESPONSIBILITY AREAS (KRAs): 

Security Operations

• Leads programs to develop, maintain and govern the network and security architecture across Torstar to ensuring continuous and healthy operation of an in-house managed security operation center
• Review current system security measures and recommending and implementing enhancements
• Support IT Security systems – vendor purpose-built applications and appliances; firewalls, end node protection, encryption, remote access, scanning and assessment tools, etc
• Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
• Lead Torstar’s in-house Security Operation Center team in timely detection and response to external threats using several intelligence feeds
• Perform regular assessment of our network (On-Premises, AWS & Azure) security policies, including review and refinement of our IPSIDS rules, as well as our cloud security controls as required
• Collaborate with our managed services teams to recommend security best practices for our managed IT infrastructure;
• Lead the evolution of our enterprise toolsets for IT Security and Network Monitoring, taking a pragmatic approach to ensuring the IT security tools and methods used are based on business risk and priority.
• Lead the evaluation, development, and integration of complex network security and protection technologies for enterprise and service provider environment including but not limited to Advanced Breach Detection/Mitigation, DDoS attack detection/mitigation, etc
• Lead network security-related incidents, breaches, and investigations.

Network Operations

• Assessment and optimization of the Torstar’s network computing, through network monitoring, evaluation, statistics, service availability, and daily health checks
• Working closely with members of infrastructure security team members to design, implement, and test information technology security mechanisms such as Firewalls, Intrusion detection, incident response and escalation, security policy articulation
• Coordinate with Architecture, Business Solution and project teams to design, organize, and lead complex system integration efforts required for implementation, deployment, and troubleshooting
• Troubleshoot problems related to the network security infrastructure environment.
• Identify network security trends and abnormalities and proactively take steps to prevent performance impacts to network traffic and business function
• Perform pro-active support functions and reporting to maintain the integrity of the enterprise network equipment and infrastructure
• Maintains enterprise-wide IP addressing scheme, DNS, and Certification Authority
• Coordinates/ Resolve service calls and schedules appointments with service providers to ensure satisfactory resolution of problems and malfunctions

KEY COMPETENCIES:

• 10+ years overall experience Security Operations Center-related role and 6+ years of configuring, implementing, and administering network security & monitoring tools within a CISCO networking environment
• Extensive understanding of network routing protocols and features e.g DHCP/DNS, TCP/IP, and RIPv2, OSPF, BGP
• Good knowledge of IT including multiple operating systems and system administration skills
• Any of CISSP, CISM, CCSP, and any of Cloud-related network-related certification in AWS, Azure. Strong understanding of network technologies and features implementation will be considered
• Practical deployment/implementation of security in the cloud (AWS and Azure) will be an advantage
• Work with third parties or service vendors to identify, set up, and improve security monitoring requirements/filters/alerts
• Ability to work on the investigation that requires a high level of confidentiality and integrity. Also, willing to adhere to terms related to such requirements

.PRIMARY ACTIVITIES REQUIRED TO ENSURE SUCCESS IN KRAS:       

• Collaborate with team members to provide superior support and customer service to client groups
• Ability to establish and maintain effective working relationships with all GIT staff, vendors, customers, and management
• Demonstrate leadership, integrity, and initiative
• Proven ability to work in dynamic environments and can prioritize and manage multiple tasks concurrently
• Hands-on, detailed oriented, and willing to share knowledge with other team members
• Timely response to critical business-impacting incidents.
• Meet or exceed service level agreements.

We are committed to providing an inclusive and barrier-free recruitment process to applicants with accessibility needs in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act (AODA). If you require accommodation during this process, please inform us of your requirements.