This job posting has expired.

Here are some similar positions.

Senior Security Advisor

December 27 2021
Industries Public administration
Categories Project Management, Business Analysis, Information Technology, IT, Project management, Security, Continuity, Risk, Product development and Management
Oakville, ON

Senior Security Advisor

Department: Strategic Transformation Group

Division: Information Technology

Position: Senior Security Advisor

Note: At the Region of Halton, we treat everyone with respect, honesty, fairness and trust. As an equal opportunity employer, we are committed to establishing a qualified workforce that is reflective of the diverse population we serve. 

This is a permanent full time position working 35 hours per week. 

Halton Region serves more than 595,000 residents throughout Burlington, Halton Hills, Milton and Oakville. We are committed to delivering high quality programs and services that make Halton a great place to live and work.

We engage great people who contribute to meaningful work that makes a positive difference in our community. As an employee, you will be part of a progressive, service focused and award winning employer with a diverse and inclusive work environment. At Halton, you are encouraged to grow and succeed in your career and are recognized for your accomplishments and contributions.

We are committed to becoming a Digital First organization. This means organization-level transformation that will set the foundation for our future success. There is no better time to join Halton Region as we work to deliver high-quality services to residents and our employees in the digital age.

We are looking for a transformational leader who will be key to establishing a strong digital culture through collaboration, innovation, accountability and partnerships.


Reporting to the Director, Information Technology, this position will be responsible for the development and delivery of a comprehensive corporate information security program. This position will oversee and manage information technology and information management security efforts across the Region, including Information Technology Services. Successful candidates will collaborate to identify, develop, and implement security initiatives, policies, standards and procedures related to information technology and information management and is accountable for ongoing monitoring, compliance and improvement/enhancement.

Preferred Background:
The successful candidate will have Bachelor's degree in Computer Science, Information Technology or a related discipline, or equivalent experience with five (5) years of experience managing enterprise class infrastructure in a multi/hybrid cloud environment that includes Azure (inclusive of Office365), AWS, and on-prem, and cloud is required. The successful incumbent will have three (3) to five (5) years' experience working in IT management.

Experience with modern cloud infrastructure, network monitoring and management tools, NIST Framework, ITIL, complex networks is required. Knowledge of current information security, audit and legal industry practices and standards, specifically ISO 17799, NIST, COBIT, PIPEDA, PHIPA and ITIL are required along with strong knowledge of LAN/WAN configuration and design, VPN, firewalls, wireless, Windows Active Directory and TCP/IP. Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security). Experience with Building Automation Systems, SIEM, MDR, Security tools for network and endpoint security, Firewalls (Fortinet, Palo Alto,), Citrix and WVD/Workspaces is required. Industry qualifications - CISSP / CISA / CRISC / SABSA is preferred.  

Excellent oral written and presentation skills are necessary along with strong interpersonal skills and the ability to work in a team environment. Must have ability to prioritize, communicate and organize multiple projects of varying complexity, frequently under deadline pressure.

Core Skills/Competencies:

  • Enterprise IT Governance
  •  Systems Design
  • IT Management
  • Business Risk Management
  • Emerging Technology Monitoring
  • Change Implementation Planning and Management
  • Performance Management
  • Information Systems Coordination
  • Relationship Management
  • Information Security
  • Enterprise and Business Architecture
  • Relationship Management

Employment Conditions:

The successful candidate will be made an offer of employment on condition that the Regional Municipality of Halton receives a current (obtained within the past six (6) months), original and acceptable Criminal Records Check, by the first day of employment.


In support of the Region's commitment to a healthy and safe workplace and community, the Region has a vaccination requirement for all employees.

The successful candidate will be made an offer of employment on the condition of being fully vaccinated against COVID-19 and able to provide proof of vaccination. Fully vaccinated is defined as having received the completed series of an accepted COVID-19 vaccine, as recommended by the Office of the Chief Medical Officer of Health and having received the final dose at least 14 days before your employment start date.

The candidate will be asked to provide the Region with proof of full vaccination, prior to their employment start date. Acceptable proof is a Ministry of Health Dose Administration Receipt (or such other proof of vaccination that the Province of Ontario sanctions). This can be obtained through the Provincial portal

The requirement to be fully vaccinated is subject to the Ontario Human Rights Code. If the candidate is unable to vaccinate for a reason protected by the Code, a request for accommodation can be requested and written proof satisfactory to the Region will be required.


  • Leads the implementation of the Region's cyber security program, the development and implementation of information technology and information management security policies, standards, and procedures.
  • Leads the development and delivery of awareness and training concerning information security, which  includes developing strategic and tactical plans, implementing the various means of heightening awareness, monitoring, and evaluating and revising or developing alternative or additional approaches.
  • Leads the development and implementation of the Region's IT incident response program.
  • Develop and implement an ongoing risk assessment program targeting electronic information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing.
  • Develops and maintains the processes involved in managing risks. Regularly facilitates reviews to assess the state of identified risk; develops preventative measures to mitigate risk.
  • Responsible for addressing compliance and risk management, reporting to the Region's senior management on the state of compliance, potential risks, and mitigation strategy.
  • Performs vulnerability assessment of IT systems using industry best practices.
  • Ensures the enforcement of IT security policies across the Region, including Information Technology.
  • Ensures security of enterprise information systems by evaluating Regional and IT strategies and requirements, analyzing vulnerabilities and risk, planning, and implementation of strategic initiatives.
  • Evaluates the IT and Regional strategic plans and ensures that security technology/information management protocols are defined and applied.
  • Provides Information Technology and Regional departments/divisions with security-related consulting services on technology and information management and offering insights or advice on best industry practices.
  • Works in collaboration with IT and other Regional staff, identifies and implements approved tools and resources to monitor the use of technology and identify technology and/or information-related security breaches or misuse.
  • Serves as an active member of security related industry workgroups/committees.
  • Contributes subject matter advice and recommendations on the Region's Disaster Recovery Plan (DRP).
  • Performs other duties as assigned.

Posted: November 23, 2021

Posting Expires: January 3, 2022

Posting #: STG-507-21

Apply Online at: Halton Job Postings

Important Information:

  • We appreciate all applications however only those selected to advance in the selection process will be contacted. Candidates will be contacted by email and/or phone. Please check your email and voicemail regularly.
  • We are committed to providing accommodation throughout the selection process. If you require accommodation please notify us and we will work with you to meet your needs.

NOTE:  Personal information collected through the job application process will only be used for the purpose of determining qualifications for employment. network