Cybersecurity Lead

**The Opportunity**:
The City of Red Deer is currently recruiting for a permanent full-time Cybersecurity Lead. The **Cybersecurity Lead** is the key role in IT in the supporting of the City's cybersecurity management, coordinating with IT on setting its cyber strategy, building business and technical controls and assuring compliance and audit.

The position is responsible for organizing the designing and implementing of systems, controls, standards, and procedures related to cybersecurity domains. This position is expected to understand technology and information management systems and stay up to date with the latest security standards, systems, attack vectors of malicious actors as well as best practices and security products.

The Cybersecurity Lead is to develop an enterprise security stance through policy, architecture, vendor relationships, and training processes. Additional tasks will include supporting the selection and leading the implementation of appropriate security solutions, and coordination of any vulnerability audits and assessments. This position is expected to interface with peers within Information Technology Services as well as with the leaders of the business units to both share the corporate cybersecurity vision with those individuals, and to solicit their involvement in achieving higher levels of enterprise cybersecurity through information sharing and co-operation.

As an advising member of the senior IT team, the Cybersecurity Lead will cultivate a culture of security awareness and promote continuing education of personnel to ensure understanding and adherence to security policies.
- Bachelor's degree in information security, Cybersecurity, Information Technology or related area*
- Certifications in information security would be considered an asset, such as:

- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- CompTIA Security+
- Five or more years’ experience in:

- Technology and computer policy, process, and client engagement.
- Cyber security, demonstrating solutions delivery, principles and emerging technologies
- Designing and implementing technical solutions.
- Project management skills leading corporate or enterprise-level initiatives.
- Change management experience leading and supporting corporate level process and cultural changes.
- Consulting and engineering in the development and design of best practices and implementation of solid technical and policy (security) principles across the organization, to meet business goals along with customer and regulatory requirements
- Security considerations of cloud computing: including data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks
- Information security and/or IT risk management with a focus on security, performance and reliability
- Preferred additional experience or skills:

- Solid understanding of security protocols, cryptography, authentication, authorization and security
- Good working knowledge of current IT risks and experience implementing security solutions
- Knowledge of incident response procedures and hands-on experience in managing critical incidents.
- Identity and Access Management (IAM)
- Security Incident and Event Management (SIEM)
- Understanding of firewall, server, and network administration and capabilities
- Nortel, Avaya or Extreme Network, F5 and FortiGate solutions
- Familiarity with industry standards and regulations (e.g., NIST Cybersecurity Framework, IPAA, ISO 27001/2, FOIP, COBIT, ITIL).
- PMI certification such as PMP.
- Windows, Cloud (Azure specifically), UNIX and mainframe infrastructures and architecture
- An equivalent combination of education and experience may also be considered

Competencies:
In addition to the 9 Core Competencies - the following are specific to this position:

- Excellent written and verbal communication skills
- Ability to work with limited supervision
- Ability to coordinate and support under stressful situations, such as a malware attack
- Ability to establish and maintain effective working relationships with departmental staff, other City departments, customers, outside vendors and consultants. This includes with Council and senior leadership staff.
- Ability to work independently or in a team situation in a collegial atmosphere
- Ability to work independently and act on initiatives within given guidelines
- Ethical mindset and ability to handle sensitive information with confidentiality and integrity.
- A valid driver’s license and reliable vehicle are required for offsite meetings.

**Affiliation**:
Exempt

**Remuneration**:
$48.24 to $60.30 per hour ($94,427 to $118,034 per annum).

**Hours of Work**:
75 hours biweekly; Monday to Friday, some evening and weekend work may be required when needed.