Lead Analyst, IT Security Risk and Compliance

**Job Type**:
Employee

**Duration in Months**(for fixed-term jobs):
12

**Job Family**:
IT Security

**# of Open Positions**:
1

**Faculty/Service - Department**:
IT Security

**Campus**:
Main Campus

**Union Affiliation**:
N/A

**Date Posted (YYYY/MM/DD)**:
2025/11/03

**Applications must be received**BEFORE**(YYYY/MM/DD)**:
2025/11/14

**Hours per week**:
35

**Salary Grade**:
Non-Union Grade NM1

**Salary Range**:
$104,880.00 - $131,101.00

About Information Technology:
Information Technology is a dynamic and collaborative environment. We are focused on prioritizing and optimizing technological investments that facilitate the best student experience, as well as the activities of faculty, researchers and staff. Our greatest strength are the people working with us. People like you, professionals eager to flex their intellectual muscle and achieve new heights in their career. Working here gives you access to a great IT environment, rich with a diverse range of platforms, products, and services. This is a place where innovative ideas are welcome.

In a nutshell: working here is challenging and rewarding. It’ll bring out the best of you. We want people that have the drive to advance IT in higher education. We have the technologies to keep your inner fires burning, and benefits that can help you sustain a better lifestyle. And all this minutes away from gyms, the Byward Market, downtown, and the Rideau Canal at lunch time for runners and skaters.

**Position Purpose**

**In this role, your responsibilities will include**:

- **Documentation**:Develops and maintains Information Security procedures, standards, guidelines, and documentation based on direction from the University’s Security Architecture team, security best practices, and compliance requirements. Establish and document use-cases for the security information and event management system. Responsible for ensuring all internal procedures and processes are documented, maintained, and readily accessible.
- **Support and Consulting**: Provide expert-level technical support, consulting services and instruction to University’s staff, academic and research communities on the proper methods to secure their servers, systems and software following industry best practices. Communicates with vendors’ technical representatives to resolve complex problems by providing detailed information of the issue and following up with documentation. This may require replacing software or designing and implementing customized solutions. Provides feedback and reports to vendors’ representatives concerning technical and/or security problems. Provides supporting documentation to request and justify funding of new features or solutions.
- **Knowledge and Enforcement**:Maintain a solid working knowledge of Information Security principles and practices. Conduct research of the current trends of information security and event monitoring and keep up-to-date with issues and technologies. Participate in knowledge sharing with other team members to advance the security monitoring program. Enforce IT security policies, procedures and specific security standards that govern various level of security.

**What you will bring**:

- University degree in Computer Science or Information Technology or a related field or an equivalent combination of education and experience;
- Experience securing AI/ML systems, including model lifecycle management, data governance, and adversarial threat mitigation.
- Familiarity with AI-specific security risks such as model inversion, data poisoning, and prompt injection attacks.
- Knowledge of secure MLOps practices, including CI/CD pipelines for machine learning models.
- Understanding of AI governance frameworks and compliance requirements (e.g., EU AI Act, Canadian AI and Data Act, NIST AI RMF).
- Experience with privacy-preserving technologies in AI, such as differential privacy, federated learning, and secure multi-party computation.
- Ability to conduct threat modeling and risk assessments for AI systems and intelligent automation platforms.
- Experience with tools and platforms for AI observability and monitoring (e.g., MLFlow, Seldon, Azure ML, Amazon SageMaker).
- Knowledge of ethical AI principles and bias mitigation strategies in model development.
- Experience collaborating with data scientists, researchers, and AI engineers to embed security into AI workflows.
- Experience designing and supporting large-scale, end-to-end information security systems in a complex, multi-platform environment;
- Familiarity with secure data handling practices for training datasets, including anonymization and access control.
- Leadership skills, ability to coach and mentor other IT professionals;
- In-depth analytical skills for complex problem solving - identification, diagnosis, resolution;
- Knowledge of the University’s information technology and security policies, procedures and standards would be considered an asset;
- Experience in project management and meeting