Cybersecurity Analyst

**Cybersecurity Analyst**

For accessibility assistance with this document please telephone Elections Ontario at 1-888-668-8683 or Fax at 1-866-714-2809. You can TTY at 1-888-292-2312.

Position Status: Permanent

Posting Status: Open

Location: 26 Prince Andrew Place, North York, ON M3C 2H4

(Don Mills and Eglinton)

Salary Band: $78,673 to $112,555 per year

Hours of Work: 36.25 per week

Posting Date: March 25, 2024

Closing Date: April 4, 2024

**Who we are**

The Office of the Chief Electoral Officer (Elections Ontario) is an independent, non-partisan office of the Legislative Assembly of Ontario, responsible for administering provincial elections, by-elections, and referenda in Ontario. We are committed to making voting easy and accessible for all electors, while maintaining the integrity, security, and transparency of the electoral process.

**Join our team**

The Information Technology & Digital Solutions Division is seeking a motivated and results oriented individual to develop and implement a cybersecurity governance program, security plan, policies and risk management framework; monitor networks and systems, detect security threats and provide specialist technology solutions and expertise in the cybersecurity field.

**What to expect in this role**

Reporting to the Manager, Infrastructure Services, you will:

- Develop and implement a cybersecurity governance program, security plan, policies and risk management framework based on industry leading practices to ensure the security of Elections Ontario’s (EO) IT infrastructure and protect if from a range of cybersecurity attacks and other security risks.
- Conduct research on current trends in security and information technology to stay updated on potential threats and attacks, and to develop and recommend preventive strategies and design new security systems or upgrade existing ones to meet evolving business and security needs.
- Provide IT security consulting and advice to business stakeholders across EO; serve as an internal information security consultant to EO.
- Manage all security assessments with vendors and manage/gather responses to recommendations, validation testing, and sign offs for remediation reports.
- Manage vendor relationships for cybersecurity deliverables ensuring contract deliverables are met within time and budget limits. Ensure that identified vulnerabilities are addressed in a timely manner, for example, security scans are performed, secure code practices are followed etc.
- Use advanced analytic tools to identify and determine emerging threat patterns and vulnerabilities; design and implement corrective measures.
- Maintain and troubleshoot in-house and acquired systems and act as expert end-user, providing expert software information and advice to helpdesk staff for first and second tier response, and to end users.
- Install, manage, and update software on all the systems and networks in the organization, ensure adequate security measures on all of them and provide end user support and obtain technical support as required.
- Consult with EO business stakeholders to improve the overall customer experience by providing valuable technical input and gathering customer feedback.
- Communicate daily/weekly though reports and meetings regarding ongoing security projects status with appropriate team members; compile ongoing safety reports, document security issues and measures taken to resolve them.

**What you need to qualify**
- Minimum 4 years of experience in Cybersecurity Analyst or equivalent position with demonstrated specialized knowledge of IT security and information management strategies, methodologies, best practices and standards.
- Demonstrated specialized knowledge of information technology infrastructure (hardware, software, network firewalls, internet connectivity, network security, VPNs etc.) deployed on cloud and hybrid environments, multiple IT hosting and service delivery models (SaaS, PaaS, laaS, etc.), Azure cloud, computer system technologies, and emerging technologies gained through formal education and/or certification and/or equivalent experience.
- Demonstrated understanding of the latest cyber threat landscape including, but not limited to: Zero-Day Exploits, Hacktivism, DDoS Attacks, AI-Enabled threats, Ransomware, Remote Work Risks, Cloud Security, Nation-State Attacks etc.
- Well-developed verbal and written communication skills to prepare/deliver a range of documentation, reports, presentation materials and explain complex/technical concepts in easy-to-understand ways.
- Well-developed consultation and relationship management skills to work effectively across the organization and with internal/external stakeholders.
- Strong analytical and problem-solving skills.
- Must be legally entitled to work in Canada.

Elections Ontario offers alternative work arrangements (Telework or Compressed Work Week). This position requires in-office presence 3 to 5 days per week, based on operational requirements