Search
Close this search box.
IPSS logo small alt

Senior Specialist Threat Risk Assessment

Job ID:                                 COT-2023-09

Job Title:                            Senior Specialist Threat Risk Assessment

Division:                             Office of the Chief Information Security Officer

Reports To:                        Manager Threat Risk Assessment

Salary Range:                 $122,000 to $158,105

Work Location:               55 John Street, Toronto

Job Type:                            Permanent Full Time

Shift Information:        Monday to Friday, 35 hours work week

 JOB SUMMARY:

To provide senior level strategic and tactical guidance to the Director Business Application Resilience, as well as the Chief Information Security Office (CISO) in the execution of its mandate to establish and maintain a City-wide cyber program to ensure the City is adequately protected.

To define, develop and support Threat Risk Assessments (TRA) and cyber security risks while engaging with teams across the organization to build alignment on key projects and develop execution roadmaps.

To provide subject matter expertise, strategic advice, senior level guidance and operational support in the identification of cyber risks, and in the development of Risk Treatment Plan and recommendation to support the organization and the CISO’s strategic objectives.

To collaborate with other segments of the organization to manage City-wide cyber initiatives.

MAJOR RESPONSIBILITIES:

  • Conducts Threat Risk Assessment for assigned initiatives.
  • Participates in the development and sustainment of the Threat Risk Assessment program.
  • Identifies, evaluates and supports initiatives that integrate into the Threat Risk Assessment program.
  • Develops and contribute to TRA and Risk Management standards and approaches to enable seamless and secure integrated solutions.
  • Provides support to the continuous improvement of the capabilities related to the Risk Management programs.
  • Supports the development and enhancement of metrics on Threat Risk Assessments to the senior management.
  • Participates in the enterprise-wide risk management strategy relating to cyber for the organization.
  • Aligns to organizational governance mandates and advocate for governance within Divisions, Agencies & Corporations.
  • Participates in the successful delivery of risk management initiatives ensuring technical excellence and a practical/business focused approach.
  • Builds collaborative and productive working relationships across the organization to establish, maintain, and continuously improve cyber risk management capabilities and promote risk awareness and intelligent risk-taking.

QUALIFICATIONS/CERTIFICATIONS:

  • Post-secondary degree in Business or Technology or a related discipline.
  • Over 8 years of senior level experience in Cyber Security and in conducting Threat Risk Assessments.
  • Strong relevant Threat Risk Assessment experience in a fast-paced environment.
  • Keen understanding of the digital ecosystems and customer needs with a focus on applications and application integration.
  • Subject Matter Expert, and strong experience in providing threat mitigation advisory and consultative support to clients
  • Solid understanding in emerging technologies
  • Extensive experience of applying security industry standards and best practices such as ISO 27001 and NIST standards.
  • Strong understanding of security risks, threats, and vulnerabilities and the judgment to assess and articulate risk effectively.
  • Extensive experience preparing comprehensive reports and presentations for all levels of an organization.
  • Strong understanding of security risks, threats, and vulnerabilities and the judgment to assess and articulate risk effectively
  • Knowledge of architectural design and implementation methodologies including software, network and infrastructure.
  • Knowledge of network and information security methods, standards, architectures, policies and procedures.
  • Preferred Certifications (any in the list): CISSP, CCSP, CISA, CISM

SKILLS:

  • Ability to work in transformative programs
  • Excellent leadership and organizational skills and the ability to work effectively with all levels of stakeholders.
  • Motivated self-starter demonstrating integrity, initiative, and innovation qualities.
  • Strong analytical ability where problems are typically unusual and difficult.
  • Ability to judge, prioritise and multitask.
  • Excellent problem-solving skills with ability to identify solutions to unusual and complex problems.
  • Strong business acumen and client facing persona.
  • Ability to work with the broader IT organization and business management to align priorities and plans with key business objectives.
  • Demonstrated capacity to lead under pressure, make decisions in ambiguous situations and drive cross functional collaboration in a short period of time.
  • Demonstrated influence and persuasion skills, able to present to senior levels.
  • Strong understanding of the business impact of security tools, technologies, and policies.
  • Excellent communication and active listening skills with an aptitude for extracting and synthesizing complex information.
  • Exceptional written and oral communication skills.
  • Transferable skills, like communication and decision-making.

ADDITIONAL COMMENTS/INFORMATION:

A normal work week is 35 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

EQUITY, DIVERSITY AND INCLUSION

The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

 ACCOMODATION

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.

If this role is of interest to you, please submit your resume to recruiting@ipss.ca

IPSS logo small alt

Ottawa Office

Toronto Office

Calgary Office

eNEWS sign up

Subscribe for the latest news, events, and updates from iPSS
Sign up
CCAB member logo web
Scroll to Top

eNEWS Signup