Senior IT Security Advisor Job in Calgary T2S2V1, Alberta Canada
Application Deadline: April 3, 2011
Reports to: Manager IT Security Risk Management
DESCRIPTION:
Under the general direction of the Manager IT Security Risk Management, the Senior IT Security Advisor will primarily be responsible for participating in the ongoing development and execution of the IT Security program. The IT Security program involves all aspects of effective IT security management including: policy, guidelines, practices, and procedures; architecture and technology standards; risk management; awareness and training; metrics and measurement; compliance; organizational and personnel security guidance; physical and environmental security requirements for IT; and security incident management processes.
This role will be responsible for leading initiatives to assess and implement adequate security controls in conjunction with the responsible IT Teams. This role requires the confidence of others in the organization to be able to support and effectively manage security and risk. This role also requires a broad range of competencies including familiarity with current Information Technology and mastery of management and technical aspects of IT security. This role requires the technical ability to support IT Security operational systems including Web Content Filtering software, Network Access Control software and provide guidance and direction regarding firewalls and corporate anti-virus software.
The Senior IT Security Advisor acts as a liaison with Human Resources, Legal, Corporate Security and other business departments pertaining to IT security incidents.
DUTIES RESONSIBILITIES INCLUDE (but not limited to):
• Responsible for the development and maintenance of the corporate governance framework for IT Security that includes policies, standards, processes, practices, tools, procedures and metrics and supports IT’s standard Systems Development Life Cycle (SDLC). This includes activities necessary to develop, obtain approval for, deploy and maintain corporate IT security documentation.
• Lead or participate in selected projects that involve the implementation of security controls, processes, security assessments and compliance initiatives.
• Support and maintain operational security systems (e.g. Web Content Filter, Network Access Control, Vulnerability Management).
• Provide on-call support for operational security systems and 3rd party security outsourcer.
• Lead initiatives in the adoption of externally mandated security guidelines, standards and criteria.
• Develop and maintain the security training and awareness program, lead security training and awareness initiatives and deliver security training.
• Manage 3rd party security assessments and conduct internal security reviews to ensure that FortisAlberta is effectively managing security risk and ensuring the effectiveness of the IT Security program.
• Participate in Systems development life cycle reviews of IT projects to ensure security controls are adequately designed, implemented and tested in new systems initiatives. Responsible for the escalation and risk management process if required.
• Responsible for the on-going development and maintenance of the IT Security compliance process.
• Provide leadership for development and on-going maintenance of IT Security metrics to ensure the effectiveness of the IT Security, including implementation of continuous improvements.
• Special Projects and other duties, as assigned.
KNOWLEDGE, SKILLS ABILITIES:
• Demonstrated understanding of IT security principles, methodologies and practices.
• Thorough knowledge of IT security processes and how they are used in the systems development and operations processes.
• Excellent analytical skills with critical attention to detail.
• Proven aptitude for quickly assimilating complex information.
• Demonstrated ability to negotiate and facilitate resolution of complex problems.
• Strong verbal and written communication skills including the ability to clearly present information to various audiences in both formal and information settings.
• Strong organizational and time management skills in order to effectively manage multiple priorities and competing demands with tight timelines.
• Strong customer service focus with the proven ability to develop and maintain effective relationships with team members and internal and external stakeholders; this includes excellent communication, interpersonal and problem solving skills.
• Demonstrated ability to influence all levels of staff through intuitive business insight, professional and personal credibility.
• Demonstrated ability to support Web Content Filtering solution (preferably BlueCoat), Network Access Control solution (preferably Forescout), Vulnerability management solution (preferably McAfee Foundstone)
• Demonstrated knowledge of firewall technology (preferably Cisco), Windows Server and Desktop technology, and Active Directory and Microsoft GPO technologies.
• Demonstrated ability to use MS Office Applications (Outlook, Word, Excel, PowerPoint); familiarity with SAP would be an asset.
EDUCATION EXPERIENCE:
• Degree or Diploma in Computer Science, Business Administration (Management Information Systems), Engineering, Mathematics, Information Technology or related discipline plus a minimum 7 years’ experience in Information Technology in several areas of IT: IT Security, Operations, Development and/or Quality Control; an equivalent combination of education and experience may be considered.
• Minimum 5 years’ experience in IT Security roles.
• CISSP or equivalent IT Security designation.
• IT Governance management experience.
• Proficiency in project management.
• Experience leading teams to facilitate Security initiatives.
• SCADA system security would be an asset.
• Experience working in a regulated environment, preferably within the electrical utility industry, would be an asset.
Job Requirements:
TO APPLY TO THIS POSITION:
Please submit your resume to careerscanada@fortisalberta.com and quote posting No.: E11-237 and position title, Senior IT Security Advisor.
LATE APPLICATIONS WILL NOT BE ACCEPTED
We thank all applicants for their interest, however only those external candidates to be considered for an interview will be contacted. All internal candidates will be notified.
PLEASE NOTE:
The company does not search employee files for relevant personal data (i.e. work history). Please ensure that any application/resume submitted outlines all relevant data you feel the company requires to evaluate your capabilities against the job requirements.
WHO WE ARE:
As owner and operator of more than 60 per cent of Alberta’s total electricity distribution network, FortisAlberta’s focus is delivering safe and reliable electricity to almost half a million residential, farm and business customers. The Company serves more than 200 communities with 114,000 kilometres of distribution power lines across Alberta.
When you apply for a position with FortisAlberta Inc. and/or provide your resume to us, we may use or disclose the information that you provide to determine your suitability for specific positions or future employment opportunities with FortisAlberta, to confirm your work history or qualifications, and to contact any references that you have provided with your resume or elsewhere in your application. In certain circumstances, we may be required to use or disclose your information in the manner that we have described. By providing your information to FortisAlberta we assume that you have consented to such activities. For further information, please refer to the FortisAlberta Privacy Policies (available at www.fortisalberta.com) or contact FortisAlberta's Privacy Officer at privacyofficer@fortisalberta.com .
Req. Code : E11-237
Division/Department : Information Technology