Banff Centre for Arts and Creativity
Banff, AB
$68,714–$102,040 a year - Full-time
 

Job details
Pay
$68,714–$102,040 a year
Job type
Full-time

Location
Banff, AB

Benefits
Pulled from the full job description
Dental care
Employee assistance program
Housing allowance
Paid vacation

Full job description
Manager, Information Security
Banff Centre for Arts and Creativity aims to inspire everyone who attends our campus – artists, leaders, and thinkers – to unleash their creative potential.

We acknowledge, with deep respect and gratitude, our home on the side of Sacred Buffalo Guardian Mountain. In the spirit of respect and truth, we honour and acknowledge the Banff area, known as “Minhrpa” (translated in Stoney Nakoda as “the waterfalls”) and the Treaty 7 territory and oral practices of the Îyârhe Nakoda (Stoney Nakoda) – comprised of the Bearspaw, Chiniki, and Goodstoney Nations – as well as the Tsuut’ina First Nation and the Blackfoot Confederacy comprised of the Siksika, Piikani, Kainai. We acknowledge that this territory is home to the Shuswap Nations, Ktunaxa Nations, and Metis Nation of Alberta, Rockyview District 4. We acknowledge all Nations who live, work, and play, help us steward this land, and honour and celebrate this place.

The Opportunity
The Manager, Information Security will play a key role in helping to reduce the risk of a major cyber incident at Banff Centre, as well as leading the detection and containment of any cyber incidents that might occur. This position will recommend policies, develop staff awareness through cyber security programs, manage and monitor technical threat detection, analysis, and control systems, and act quickly to contain breaches when they occur.

Roles and Responsibilities
Reporting to Director, IT/S, some key accountabilities include:

Leadership and Coordination

Use existing security tools, constantly monitor the cyber threat landscape and identify how those threats apply to Banff Centre.
Monitor applications, devices, and network infrastructure for significant threats and work with service owners to patch and mitigate risks.
Lead the ITS team in responding to security incidents, including investigation, containment, and remediation. Work independently and with other teams to manage and support remediation projects to resolve identified risks. This includes reviewing, investigating and escalating security incidents such as phishing, malware, infections, etc.
Implement and manage security controls to reduce identified risks based on their impact and likelihood of occurrence, as identified by the security provider.
Collaborate with cross-functional teams to provide security guidance and advice for all information technology projects, acquisitions and services. Ensure security measures are integrated into system architectures and applications
Track controls effectiveness and overall cybersecurity performance against a common framework and recommending adjustments as necessary.
Assess all information technology risks and compliance and advise the Director, IT/S of mitigations and solutions required.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security, with to assist in moving to a proactive security stance.
Collaborate with internal and external teams to troubleshoot and resolve complex technical problems.
Create and maintain technical documents and the supporting knowledge base.
Conduct risk and vulnerability assessments and analysis using industry frameworks (ISO 27001, NIST CSFT) for new projects, applications, and 3rd party vendors.
Provide direction and leadership to all teams in responding to security incidents, including investigation, containment, and remediation.
Recruit, hire, and mentor staff, assigning work, and measuring performance in relation to the strategic standards of excellence and goals. Work closely with the Human Resources Team to ensure policies, procedures, contractual, legislative and work culture expectations are met.
Maintain effective working relationships with team members, internal partners, customers, the union and other stakeholders.
Qualifications and Educational Requirements
Minimum 5 years’ Information Technology experience in a mid-to-large company, including at least one to two years of specific experience in cyber security.
5 years’ experience managing/supervising a team.
Post secondary education in Information Technology with certifications in cyber security (CISSP, SSCP, CISM, CISA, CEH, others). Security-related certifications or related training, or pursuit of such certifications.
Experience in identifying, analyzing, containing and documenting security incidents.
Practical experience with incident triage and investigation techniques and technologies.
Experience automating investigations and processes using basic scripting and tools such as PowerShell or Python.
Practical networking experience with a good knowledge of TCP/IP, certificates, and other network protocols.
Extensive experience with Microsoft Azure administration, O365, MFA, encryption, SSL, Certificates.
Experience with Windows and Linux server administration (MacOS an asset).
Proficient understanding of core Microsoft technologies such as Active Directory, Group Policies, DNS, and DHCP.
Practical understanding of patch and vulnerability management.
Working knowledge of NIST Cyber Security Framework.
Good working knowledge of Microsoft 365 applications and security.
Threat hunting and log analysis expertise preferred.
Excellent communication skills, both verbal and written, with the ability to convey technical information to non-technical stakeholders.
Strong team player with a high level of professionalism and ethics.
Strong analytical and critical thinking skills and the ability to meet multiple demands and deadlines in high-pressure environments.
Demonstrated commitment to the personal development of new technical skills and knowledge.
Ability to manage tasks independently and take ownership of responsibilities.
Comfortable and adaptable to taking on various roles, both on a technical level and operational level.
Experience working within a unionized environment is an asset.
Knowledge specific to the academic sector is an asset.
Employment Terms and Benefits
In accordance with the terms of employment governing Management/PSP employees, this is a salaried, full-time position, subject to a 6-month probationary period.
The salary range for this position is $68,714 - $102,040 based on experience.
The successful candidate will enjoy twenty paid vacation days and four personal days annually, extended medical and dental benefits, and participation in an employer-matched pension plan.
Benefits of working at Banff Centre are:
Transitional staff housing options (based on availability)
Professional development
Employee Assistance Program
Health care spending account
Staff cafeteria and restaurant discounts
Onsite fitness facility at a discounted rate – first month free for new staff!
Application Process
We are accepting applications for the Manager, Information Security position until a suitable candidate is found.
Candidates offered a position with Banff Centre, in this capacity, will be required to obtain a criminal record check verifying a clear record before a final job offer can be finalized.
Visa Requirements: Candidates must be legally eligible to work in Canada. Banff Centre is unable to assist candidates in obtaining Canadian work authorization.

Commitment to Diversity

Banff Centre for Arts and Creativity is committed to creating an equitable, diverse, and inclusive campus for students, faculty, staff and visitors. Guided by our values, Banff Centre is rooted in Alberta with provincial, national and global impact. Our strength arises from inclusion; the diversity of people, ideas, perspectives, and cultural backgrounds in our work and team. We encourage women; First Nations, Métis and Inuit persons; members of visible minority groups; persons with disabilities; persons of any sexual orientation or gender identity and expression to apply.

FOIP Statement

Banff Centre for Arts and Creativity, through its third-party vendor, collects and stores information applicable to the candidate profile you create when you submit the information asked for above. The use and disclosure of the collected information is for the sole purpose of job search and placement activities for Banff Centre. The information is subject to the Freedom of Information and Protection of Privacy Act. The information will be retained and when disposed of it is done so in a secure matter.