Company : Vancouver Airport Authority Location : Vancouver British Columbia From : Neuvoo CA
We support the Employment Equity Act and take measures to ensure fair employment practices and treatment of employees across our organization.
We welcome applications from all qualified candidates, including women, Aboriginal peoples, persons with disabilities and members of visible minorities.
We encourage applicants to self-identify with a designated group(s) to support our team in filling gaps in areas where we can be more diverse.
We are also happy to provide reasonable accommodations throughout the selection process and while working at YVR.
If you require support applying online because you are a person with a disability, please contact us at 604-303-3152 or careers@yvr.ca . We have a permanent, full-time opportunity for an InformationSecuritySpecialist in the Innovation and Technology Group.
The successful candidate will be a security advocate with IT teams, business stakeholders and end users to design, integrate, and advance InformationSecurity in alignment with the AirportAuthority’s business objectives while meeting its compliance, legal and regulatory requirements.
Reporting to the Manager, Technology Services (Cyber Security), the InformationSecuritySpecialist will be responsible for security operations and administration and providing IT security support and guidance to ensure that YVR’s technical infrastructure and applications meet and/or exceed the defined security policies.
Key responsibilities include:
Provide technical support and system administration on various security technology such as securityinformation event monitoring (SIEM), vulnerability management, privilege access management, data protection platforms and multi-factor authentication Monitor and analyze technical security controls to detect, report and remediate security incidents Serve as internal technical point of contact with external managed security monitoring service in incident handling response for informationsecurity incidents Manage, measure, and audit the Managed Security Services vendor to established contractual and compliance requirements for security monitoring Providing on-call support on a scheduled basis to ensure that any high severity security incidents are resolved in the most expedited manner Provide technical risk assessment, security support and guidance for IT projects/solutions/requests to ensure security controls are reasonably deployed to mitigate risks Participate in change advisory board to review and evaluate planned technology changes in terms of informationsecurity risks Manage, conduct and optimize vulnerability scans on IT infrastructure and systems Assess and provide data with recommendations and see to completion for monthly patching to mitigate/remediate organizational risk Research and track information about current security threats, potential vulnerabilities from trusted news sources/external feeds to develop communication plans and/or programs to raise awareness and assess overall enterprise risk exposure as well initiate remediation/mitigation Collect, generate, monitor and analyze IT operations security metrics to measure the effectiveness of the IT security management processes Assist and participate in security technical planning, assessment and implementation Assist in regularly assessing the strength of YVR’s IT security governance and current processes, procedures and technical controls against NIST 800-53, PCI-DSS and industry best practices, and propose, develop and implement projects and initiatives to remediate control gaps to reduce overall enterprise risk Key qualifications include:
BSc in Computer Science or similar bachelor’s degree in a related field with a minimum of 5+ years equivalent of InformationSecurity work experience; or an equivalent combination of training and experience Professional InformationSecurity certifications such as Certified Information Systems Security Professional (CISSP), or GIAC Security Essentials (GSEC) are an asset and preferred 5+ years’ experience with security related appliances such as firewalls, SIEM, IPS, PAM, 2FA, proxy servers with a broad technical knowledge of enterprise-class network and operating system platforms Strong leadership and organizational skills, proven by on-time, on-budget delivery of complex, multidisciplinary projects Knowledge of security, privacy and IT governance frameworks and legislation, such as NIST 800-53, ISO27001, PCI-DSS, privacy legislation Excellent written, verbal and interpersonal skills Excellent analytical skills and attention to detail Proven team player Resourcefulness to produce high quality results without supervision and direction Ability to manage priorities under tight deadlines This position is open to both VancouverAirportAuthority employees and external candidates.
Previous job performance will be taken into consideration for all internal candidates that apply for this position.
Health and safety are at the core of how we operate at YVR.
We are committed to ensuring a safe workplace for our workforce and protecting the health and safety of our employees, passengers, partners and community by taking reasonable, preventative measures to reduce the risks associated with COVID-19.
All employees are required to be fully vaccinated against COVID-19 unless a valid exemption is granted for those unable to be vaccinated.
