Senior Digital Risk Management & Advisory Officer
Requisition ID: 15715
Department: Finance and Corporate Services Dept.
Service: Chief Information Security Office
Branch: Cyber Risk Mngmnt Governance CmplnceUnit
Employment Type: 1 Full-time Permanent
Work Hours: 35.00 hours per week
Affiliation: CIPP
Salary Information: $101,426.78 - $114,097.62 annually (2025 rates of pay)
Location: 100 Constellation, Nepean
City: Ottawa, ON
Job Category: Cybersecurity
Application Close: 24/01/2025
JOB SUMMARY
The Chief Information Security Office is responsible for delivering and overseeing cyber security and digital risk management programs across all City business lines, including strategic enablement and emerging threats identification, policy and implementation oversight, digital risk management, and security governance and culture transformation.
The Digital Risk Management and Advisory Unit is responsible for the governance of security risk management programs across the organization.
You are responsible for designing and supporting digital risk management and cyber security advisory programs to promote user trust and manage risks to data. You build partnerships with all departments across the organization to ensure the City meets set security, privacy, and regulatory commitments. You promote and improve digital risk management culture and advise all business lines on best practices to protect assets from existing and evolving cyber threats.
EDUCATION AND EXPERIENCE
Completion of a 4 year university degree in Information Security, Computer Science, Risk Managment or other related field.
Minimum of 7 years of progressively responsible experience in an Information Technology role, Information Systems Audit role, Information Security role, or Digital Risk Magamement role
CERTIFICATIONS AND LICENCES
KNOWLEDGE
- Deep subject matter expertise in Information Security, Compliance and/or Risk Management programs and best practices, preferably within the Tech and Public Administration Sectors.
- Experience in building or maintaining risk magament programs across a wide variety of regulatory and compliance frameworks
- In depth knowledge of least two of the following: the NIST Cyber Security Framework, ISO 2700x, SOC1 & 2 (SSAE18), PCI DSS, NIST-800-53, FFIEC Cybersecurity Assessment Tool, SANS Top 20, etc.
- Sufficient technical knowledge of technical concepts relevant to cloud computing environments: logical access, agile development process, security architecture, information security, network security, and privacy.
- Strong understanding of current digital products and services to include web, mobile, chat, text and the evolving use of artificial intelligence.
- Legislation, regulations, policies, standards and guidelines relevant to the work
- Industry trends and developments
- Must be familiar with applicable health and safety legislation, have knowledge of any potential or actual danger to health or safety in the work place, and have knowledge of appropriate actions to be taken in order to ensure the health and safety of staff in accordance with applicable legislation and City policies and procedures.
COMPETENCIES, SKILLS AND ABILITIES
- Ability to work well in fast paced team environment with a wide range of technical and non-technical teams.
- Excellent writing, communication, and organizational skills - strong attention to detail.
- Ability to confidently convey nuanced information to a variety of audiences, including senior leaders.
Core Behaviours
Core behaviours define the City's expectations of the behaviours employees should demonstrate in performing their work. They are reflective of the City's culture and values and guide all our present and future activities. Every employee is encouraged to learn, embody, and demonstrate these core behaviours.
Review the Core Behaviours.
Leadership Competencies
The City has defined key competencies that leaders are expected to embody and demonstrate to successfully move the organization towards achieving its strategic objectives and create an organizational culture that supports and empowers employees to excel, grow and reach their full potential. These leadership competencies and associated behaviours are expected to be demonstrated by leaders at all levels of the organization.
Review the Leadership Competencies.
WHAT YOU NEED TO KNOW
- Language Requirement: English oral, reading, writing
- Police Record Check: The successful candidate will be required to complete a Criminal Records and Judicial Matters Check with the Police Services detachment in their jurisdiction to the City of Ottawa’s satisfaction.; Police record checks completed by a third-party company will not be accepted. (Under Review)
- Experience and formal training combined with demonstrated performance and ability may substitute for stipulated academic requirements.
- Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
We wish to thank all applicants for their interest and effort in applying for this position. Only candidates selected for interviews will be contacted.
The City of Ottawa promotes the principles of diversity and inclusion and adheres to the tenets of the Canadian Human Rights Act and the Ontario Human Rights Code. We encourage applications from members of Indigenous, Black and other racialized communities, persons with disabilities, women and non-binary persons, persons of all ethnic origins, religions, sexual orientations, classes, gender identities and expressions.
Candidates are encouraged to self-identify as a member of one or more designated employment equity groups in the self-identification questionnaire.
The City of Ottawa provides accommodation during all parts of the hiring process, upon request, to applicants with disabilities. If contacted to proceed to the selection process, please advise us if you require any accommodation.
Accessible formats and communication supports are available upon request. Please contact the HR Service Centre at 613-580-2424, extension 47411.