Position Number: 50021267
Department: Administration Services, Instructional and Information Technology Services
Grade: GR14
Campus: Sir George Williams (Downtown)
Salary: $98,135.15 - $117,231.30 per annum
Union/Association/HR Policy: CUPEU
Posting deadline: December 4, 2024
Recognized as Canada’s top university under the age of 50, and one of Montreal’s top Employers, Concordia University is the place to be if you are looking to grow, contribute and innovate in a dynamic and multicultural environment.
Be part of a community that addresses society’s big challenges, supports your personal and professional growth, and makes a real impact in building a more sustainable world.
As a member of our community, you will have access to comprehensive benefits, a defined pension plan and numerous on site well-being facilities such as a state of the art gym and health clinic as well as a variety of educational and cultural opportunities.
SCOPE
Reporting to the Director, Administrative Services, the incumbent develops and maintains processes, policies, standards, guidelines, and procedures in alignment with industry best practices, technological development, and regulatory requirements. Responsible for identifying, evaluating, and tracking risks linked to the university’s IT environment and integrating management processes and key risks to the University’s enterprise risk management processes.
PRIMARY RESPONSIBILITIES
• Develop and lead an IT risk assessment process to identify and evaluate potential IT risks before they impact operations; conducts risk assessments across all IT projects and operations; brings awareness and integrate IT risk management processes and key risks to the University’s enterprise risk management processes.
• Creates and keeps up to date new and existing University IT policies, directives, procedures and compliance regulations.
• Contributes to the development and implementation of technical controls and configurations to align with policies, directives, and procedures.
• Maintains and is responsible for the University’s IT Risk Register. Documents, tracks, and reports on risk mitigation measures.
• Provides regular updates and reports to stakeholders and senior IT leadership
• Collaborates with University risk and policy officers to ensure institutional coherence and alignment
• Monitor and communicate any changes to regulatory requirements applicable to the IT sector.
• Develop, document, and lead processes for regulatory compliance, including necessary government filings.
• Provides advisory support to leadership and operational teams as well as guidance and training to employees on IT risk and compliance
• Communicate with governmental authorities.
• Perform other tasks and activities as identified by the Director.
QUALIFICATIONS
• Bachelor’s degree in administration, computer science or a related field with four to seven years of experience in information security, IT audit, compliance, governance, and/or IT Risk Management. Knowledge of the higher education environment an asset.
• Knowledge of the processes related to the Loi sur la gouvernance et la gestion des ressources informationnelles (LGGRI)
• Professional certifications (ITIL, COBIT, CRMP, CRISC, PMI) an asset.
• Minimum two years working experience with risk discovery and assessment, as well as appropriate mitigation and controls.
• Knowledge and working experience with risk management frameworks (COSO, NIST RMF, ISO 31000, ITSG-33)
• Good knowledge (Level 4) of written and spoken English and French.
• Knowledge of Quebec and Canadian law (LGGRI, LPRPDE, Loi 25)
• Knowledge of security technologies such as various monitoring and log aggregation platforms, penetration testing frameworks, operating systems, vulnerability scanners, and endpoint security solutions.
• Must have excellent analytical and problem-solving skills
• Ability to prioritize work, manage multiple tasks simultaneously and meet deadlines.
• A self-starter who works independently in a dynamic work environment through strong organizational, communication, planning and time management skills.
Due to the volume of applications, only selected candidates will be contacted by our Talent Team.
Concordia University is an English-language institution of higher learning at which the primary language of instruction and research is English. Since this position supports academic and administrative functions of the university, proficiency in English and French, as indicated, is required.
IMPORTANT: The language and computer skills of short-listed candidates will be tested.
Territorial Acknowledgement
Concordia University is located on unceded Indigenous lands. The Kanien’kehá:ka Nation is recognized as the custodians of the lands and waters on which we gather today. Tiohtià:ke/Montreal is historically known as a gathering place for many First Nations. Today, it is home to a diverse population of Indigenous and other peoples. We respect the continued connections with the past, present and future in our ongoing relationships with Indigenous and other peoples within the Montreal community.
Employment Equity
Concordia University is strongly committed to employment equity within its community, and to recruiting a diverse faculty and staff. The University encourages applications from all qualified candidates, including women, members of visible minorities, Indigenous persons, members of sexual minorities, persons with disabilities, and others who may contribute to diversification; candidates are invited to self-identify in their applications. As part of your application, you will be asked to complete a diversity survey. This information is voluntary and any information collected for this purpose is confidential and cannot be accessed by search committees or human resources employees. Results will be aggregated and used to help Concordia achieve its goal to see all members of our community not only reflected, but welcomed, included and supported in their efforts to contribute to all areas of university life.
Accessibility
Concordia desires to increase diversity among its community members and we strive to make our recruitment processes as accessible as possible and provide accommodations as required for applicants. If you are contacted for an interview and anticipate needing accommodations during the process, please contact, in confidence, hr-employment@concordia.ca
Immigration Status
All qualified candidates are encouraged to apply; however, Canadian and Permanent Residents will be given priority. To comply with the Government of Canada’s reporting requirements, the University is obliged to gather information about applicants’ status as either Permanent Residents of Canada or Canadian citizens.