TL Senior Info Security Advisor
Reference ID: 20180349
The South Coast British Columbia Transportation Authority (TransLink) is one of Canada's most innovative transportation authorities, founded in 1999 to plan and manage transportation within Metro Vancouver. We've achieved success not only in improving the transportation network of the region, but helping maintain the enviable lifestyle of residents and the viability of local businesses. TransLink and our family of companies (Coast Mountain Bus Company, B.C. Rapid Transit Company and Transit Police) are proud to be one of BC's Top Employers.
Designs and leads enterprise information security strategy, programs and technologies to ensure confidentiality, integrity and availability of information, defend and protect critical infrastructure, enterprise and public information from security breaches.
- Participates in defining and designing enterprise information security strategy, framework, architecture and long term roadmap. Develops and maintains enterprise information security policies and procedures, tools and technologies based on industry standards, best practices and to support the compliance with regulatory and legislative requirements. Provides input to the enterprise security assurance strategy.
- Leads the development, implementation and execution of enterprise information security programs, including information security architecture and engineering, IT risk management, compliance and auditing, threat intelligence, security detection, security incident response, vulnerability management, identity and access management. Designs the strategy of the assignment programs, leads and collaborates with internal and external stakeholders to ensure the implementation according to the defined standards. Develops and reports on security operations dashboards, metrics and KPIs to monitor, analyze enterprise security capabilities and defense levels in order to mitigate risks. Acts as the control point during significant privacy and security incidents.
- Provides advanced level of expertise and technical consultation, guidance and assistance to business owners, technology stakeholders, project teams, external partners and vendors in support of IT infrastructure, network, systems, application development, service support, and computing environment. Supports cross-functional teams through the problem resolution process, ensures necessary technology security controls exist and troubleshoots complex information security issues. Acts as a technical lead and supports information security related projects. Advocates the overall information security vision, designs and plans to the project team(s) and project stakeholders to build an understanding and commitment.
- Serves as an expert advisor and keeps senior leadership team informed the enterprise information security status. Presents metrics, recommendations to BTS leadership team and CIO in information security risks mitigation strategy and solutions.
- Builds strong working relationship with a diverse group of internal and external stakeholders, including risk, legal, strategic sourcing, HR, external auditors, government agencies. Represents TransLink in external committees related to information security, compliance, privacy and risks.
- Manages reporting staff as well as contractors, including selection, development, coaching, performance management, and all other people practices.
Education & Experience:
The requirements for this job are acquired through completion of a University Degree in Computer Science, Information Security, Computer Forensic & Cyber Crime Studies, or related field of study and Certified Information Systems Security Professional (CISSP) certification, plus six (6) years of information security experience including information security planning, consultation and program development in a large, complex, multi-disciplinary enterprise environment.
- In-depth knowledge of industry standards, Payment Card Industry regulations, Canadian Privacy Laws with emphasis on BC's Freedom of Information and Protection of Privacy Act (FOIPPA), Personal Information Protection and Electronic Document Act (PIPEDA).
- Advanced knowledge on security technologies and practices in multiple domains of cybersecurity, and evaluating risks, vulnerabilities and issues as part of the project assessment
- Advanced written and verbal communication skills with ability to translate technical risks, controls, vulnerabilities and issues into clear, actionable business language and to explain technical matters to a non-technical audiences up to and including the Executive level
- Strong business process and technology analysis skills
- Strong technical and non-technical documentation skills with an orientation for detail
- Strong interpersonal skills including conflict management and mentoring
- Sound planning, organization, and time management skills
Recruitment Process: An applicant will be required to demonstrate their suitability for this position by meeting the minimum level of qualifications and experience in order to be invited into the selection process. A standard interview format will be used including general, scenario and behavioural descriptive interview questions.
37.5 hours per week.
Rate of Pay
Salary: $85,068 to $106,335 per annum ($43.48 to $53.34 per hour)
How to Apply
Please click the 'Apply' button at the bottom of the page or go to http://www.translink.ca/careers to apply for this position and view instructions on the process.
INSTRUCTIONS: Please save your (1) cover letter, and your (2) resume as one pdf document prior to uploading your application on-line.
Posting Date: May 7th, 2018
Closing Date: until filled
Please note that only those short listed will be contacted.
Having trouble applying? Please view the System Requirements & FAQ's by going to http://www.translink.ca/careers.
Equal Employment Opportunity
TransLink is committed to employment equity.
Posted: December 6, 2018
Closes: February 4, 2019