Security Operations Compliance Specialist

JOB SUMMARY:

Reporting to the Director, Technology Operations, Centre for Advanced Computing (CAC), the Security Operations Compliance Specialist (Specialist) is part of a team responsible ensuring compliance with CAC’s policies, practices, recognized cybersecurity frameworks, while investigating cyber risk to facilitate remediation of identified vulnerabilities across the centre.

CAC is a regional partner in Canada’s national digital research infrastructure and works closely with the Digital Research Alliance of Canada to support secure, high-performance research computing environments for researchers at across Canada. In this context, the Specialist contributes to a trusted and compliant security posture that enables advanced research, data stewardship, and national collaboration.

The Specialist identifies and assesses risk, documents remediation and risk acceptance options, and provides subject matter expertise on security operations and compliance. As a subject matter expert, the Specialist also maintains oversight of the security maintenance program as well as reporting on findings and recommending corrective action.

The Specialist maintains a strong collaborative working relationships with internal teams, external partners, and clients, supporting the CAC’s mission to deliver secure, scalable, and reliable research computing services.

KEY RESPONSIBILITIES:

• Follows established security frameworks, to provide input into compliance requirements, security design solutions, security training material, workshops and communication updates.
• Maintains the security of numerous systems, ensuring configuration, monitoring, reporting and policies support the privacy requirements and security standards.
• Participates in the development of cybersecurity operations capabilities and activities, which include security design requirements, operational maintenance activities, documentation and the collection of evidence necessary for compliance objectives.
• Participates in the delivery of security assessments to ensure compliance with security policies, standards and procedures.
• Participates in the delivery of security services, including the collection of cyber-threat intelligence, security vulnerability management, perpetual scanning (VA), logging and monitoring, SIEM, event correlation, operational metrics and reporting, as well as specialized security needs and services pertaining to the network.
• Supports and contributes to security-focused workshops, training sessions, and knowledge-transfer activities for researchers, technical staff, and partners, aligned with CAC priorities and the Digital Research Alliance of Canada standards.
• Anticipates security breaches and remains up to date on intelligence, including hackers’ methodologies; maintains high degree of knowledge by tracking trends and best practices.
• Develops and deploys security monitoring use cases.
• Triages and analyzes security events to prioritize and escalate alerts that exceed thresholds.
• Analyzes cybersecurity events and incidents to determine the root cause and apply the appropriate mitigation measures.
• Creates scripts and implements tools to automate and develop a variety of configuration and update tasks including signature updates, rule changes, and policy updates on security devices.
• Assists in the delivery of vulnerability assessments to ensure compliance with security policies, standards and procedures, and takes corrective action to mitigate identified security vulnerability.
• Collaborates with diverse groups of internal and external IT teams and key stakeholders by interacting effectively and persuasively to investigate and resolve security violations.
• Participates in the development and management of security metrics for cybersecurity operations, with the aim of strengthening the security posture.
• Creates, maintains and publishes security documentation.
• Participates in change review boards as requested; reviews network security requirements for firewall changes, data encryption and other network security measures to ensure access and authorization controls are in place.
• Research more effective security processes and implements application/processes that prevent data loss and service interruptions.
• Works occasional extended hours and an on-call rotation outside regular work hours.
• Undertake other duties as delegated in support of the CAC.

REQUIRED QUALIFICATIONS:

• University degree in computer science or related field combined with a minimum of 5 to 10 years experience in a cybersecurity or information security role.
• Professional certifications such as ITIL, ISACA, ISC2 CISSP, CEH, PCIP, SANS GIAC GSEC are considered an asset.
• Experience with information security standards and frameworks: NIST CSF, SOC 2, ISO27001, etc.
• Experience in cybersecurity, in a multi-platform environment, in three or more areas: research computing, web applications, virtualization environments, SaaS models, desktop applications, networking concepts; fluent in multiple Windows and Linux operating systems.
• Experience with network security, operating system security, Internet/web security, DLP, anti-malware, IDS/IPS, penetration & vulnerability testing, cyber security and the ability to read and understand vulnerability bulletins, and security event data.
• Experience with troubleshooting network encrypted protocols: HTTPS, TLS, PPP, Kerberos and Enterprise certificate management.
• Demonstrated technical proficiency in the implementation and maintenance of multi-user Windows and Linux computer systems.
• Experience analyzing security events and exploits with an in-depth knowledge of security event management, network monitoring, log collection and correlation and a good understanding of SIEM technology from architecture and engineering perspectives.
• Experience with scripting languages: Unix scripting and Python.
• Consideration may be given to an equivalent combination of education and work experience.

SPECIAL SKILLS:

• Working with Others: actively seeks ideas from multiple sources for consideration to improve the performance of the team(s). Shares thoughts and information with all levels of expertise. Ensures that one’s own behaviour does not negatively impact others when faced with complex situations.
• Inclusivity: welcomes an inclusive environment and coach’s others to address and support those who may feel vulnerable. Ensures the diverse group receives opportunities for fair treatment regardless of background.
• Communication: takes an active role to communicate to multiple audiences and easily explains complex information to ensure the message is understood.
• Customer Service and Support: actively engages the customer or team member and evaluates their needs in a timely manner. Establishes plans and organizes work to meet or exceed the deadlines. Periodically, conducts plan reviews and provides an update to client/customer and recommends any process efficiencies.
• Planning/Organizing: takes an active role in analyzing problems regarding resources/deliverables that may impact deadlines or standards and escalates for discussion and resolution. Plans medium-term requirements and provides insight into scope of potential problems and identifies possible solutions.
• Continuous Improvement: takes an active role within a team(s) and together they identify ways to improve processes, and quality of customer service. Solicits feedback from multiple sources to identify ways to become a more highly functioning team.
• Attention to Detail: takes an active role to implement efficient systems to ensure that high quality work is consistently maintained by self and others. These actions include careful monitoring of work that meets standards and project plan deadlines.
• Adaptability and Support for Change: takes an active role to positively support team members through change. Supports change by generating new ideas and offering suggestions that will benefit the team.

DECISION MAKING:

• Prioritizes own work and work of project team members in accordance with evolving and/or competing priorities. Determine appropriate assignment of resources, assists in solving problems, analyze implication, and decide on course of action that would result in timely and accurate completion of tasks.
• Formulates, evaluates and implements solutions to problems, alone or cooperatively with senior staff and/or CAC staff.
• Assesses the nature of a request and assists as appropriate.
• Confidentiality is paramount; therefore, aptitude to differentiate what information is sharable, when, and with whom.
• Determine what information should be distributed, to whom, and in what format; decisions will be made based on the relevance of the information and the impact that recipients can have on the process or project outcome. Determine when to advise or involve senior staff.
• Self motivates and prioritizes workloads.
• Determines how to deal with operational problems that occur outside of working hours to avoid major customer impact.