APPLICATIONS ARE INVITED FOR THE POSITION OF

SENIOR ANALYST, CYBERSECURITY CYBERSECURITY & PRIVACY

ICT SERVICES DIVISION

Non-Union Level 8 - $82,877 - $99,450

Hybrid work model: 80 Sheppard Avenue East, Toronto

The TCDSB offers comprehensive benefits and pension plan, generous vacation, and additional days off and professional development opportunities Please Note: There are two (2) permanent positions Our Vision :

At the Toronto Catholic District School Board (TCDSB), we grow in knowledge, with justice and hope. The TCDSB is an inclusive Catholic learning community that nurtures faith development and academic excellence through the love of God, neighbour, and self. We fully engage students in learning that supports their academic, spiritual, socio-emotional, and physical growth and development. At Toronto Catholic, we have a long and distinguished history of providing excellence in Catholic education for the Toronto community. Ontario Catholic School Graduate Expectations, Our Catholic Values and the Boards Pastoral Plans are foundational to our exemplary approach to teaching and learning in the 21st Century.

The TCDSB is proud to be a significant part of the fabric of publicly funded Catholic education in the province of Ontario. We serve approximately 84,000 students in nearly 200 Catholic schools in the City of Toronto and represent close to 475,000 Catholic school supporters.

With a staff of 14,000, the Toronto Catholic is a dynamic school board and is seeking 2 full-time Senior Analysts, Cybersecurity.

CRITERIA FOR INTERVIEW A post-secondary degree from a recognized university or college degree in an Information Technology related field or an equivalent combination of education and experience

A minimum four (4) years of experience in cybersecurity projects, operations, and incident response

Relevant cyber security certification such as CISSP, GIAC, Security+ or equivalent is an asset

Experience in a complex, large scale, multi-location environment is preferred

Demonstrated knowledge of NIST and ISO frameworks, CIS Controls, SOC 2, CSA, MITRE ATT&CK security/privacy standards and best practices as well as Privacy laws and regulations

Demonstrated proficiency in security architecture and cybersecurity technologies including SIEM/XDR and SOAR, firewall technologies, IPS/IDS, endpoint protection such as EDR/XDR, email security, web gateways, identity and access management, authentication (MFA), vulnerability management, data-lost prevention, encryption, networking concepts and technology solutions including TCP/IP, DSN, wired, wireless and SD-WAN, cloud-based security solutions and platforms such as SSE/SASE and CASB, remote access solutions (VPN and ZTNA), Secure Software Development Lifecycle (SSDLC), security awareness training software with an understanding of security and privacy principles such as least privilege, defense in depth and zero-trust

Demonstrated experience providing technical security expertise, risk management, advisory and project management services

Demonstrated ability to self-motivate and self-learn to keep up to date on rapidly evolving cyber threats, attacks, tactics, techniques, and procedures (TTPs), countermeasures, and industry technologies and trends

Demonstrated ability to work independently and prioritize tasks/projects in a highly dynamic environment

Demonstrated excellent customer-centric, analytical, critical thinking skills with strong attention to detail and a commitment to quality

Demonstrated strong interpersonal skills to build relationships and work with technical and non-technical professionals

Demonstrated effective communication and project management skills to lead initiatives

MAJOR DUTIES AND RESPONSIBILITIES

Reporting to and under the direction of Sr. Coordinator, Cybersecurity & Privacy, this position will work within the cybersecurity department and is responsible for providing cybersecurity expertise to support and implement innovative cybersecurity solutions and programs to maintain the confidentiality, integrity and availability of organizational assets and services. Duties and responsibilities will include but not be limited to the following: Provide in-depth technical advice to design, define, evaluate, procure, and implement security safeguards for on-prem and cloud environments, in accordance with industry and the Board standards and best practices

Contribute to predictive threat intelligence for the Board, ensuring that strategies, designs, and plans of accounting for the future threat landscape

Provide risk assessment services to TCDSB, articulating the sensitivity of projects/initiatives, associated vulnerabilities, threats, safeguards, residual risk, and privacy

Act as technical lead incident handler for security incidents to ensure timely detection, analysis, response, and recovery measures are applied to mitigate impact to business

Document security incidents, responses, and related information in accordance with established procedures

Perform security assessments and threat hunting initiatives to proactively detect vulnerabilities, tactics, techniques, and procedures (TTPs) and work with stakeholders to implement treatments to mitigate cyber-attacks

Manage security awareness training program to promote a culture of security within the organization

Contribute to the creation, maintenance and training of security policies, standards, baselines, and procedures documentation that affect cybersecurity operations and to ensure compliance with applicable standards and regulations. including cyber incident response plan and playbooks

Stay current with the latest cybersecurity threats, intelligence, vulnerabilities, tactics, techniques and procedures (TTPs), controls and countermeasures, frameworks, standards, best practices and privacy regulations, and emerging technologies and trends

Performing other duties as assigned or requiredPlease Note: This position will require the incumbent to be available for on call work and must be flexible to work after hours including evenings and weekends. A valid Ontario drivers license and access to a vehicle is required for travel to Board and non-Board sites (eligibility for mileage reimbursement). Diversity and Inclusion:

The TCDSB is committed to fostering a diverse workforce. We especially welcome applications from individuals who would contribute to the further diversification of our staff, including but not limited to, those who are Indigenous, Black, 2SLGBTQ+, and racialized. You are invited to voluntarily indicate if you identify as such a person. This information will be kept confidential. Barrier-Free Recruitment and Selection:

The TCDSB is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with Accessibility for Ontarians with Disabilities Act (AODA). Should you require code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the TCDSB Fair Hiring Policies and Accommodation Process. https://5il.co/1dkld

Interested applicants are asked to submit a rsum and cover letter no later than Tuesday, April 9, 2024 Applications are to be submitted online through ApplyToEducation.We thank all applicants, however, only those selected for further consideration will be contacted.