Manager, Cyber Security & Microsoft 365 Azure Specialist

Full-Time, Permanent (Benefitted)

London, Ontario

- Application Deadline: January 29, 2025 -

This position is responsible for leading the organization’s cybersecurity efforts, for managing the Microsoft 365 and Azure environments and for directing a team of professionals assigned to work in this area.  This leadership role will be responsible for designing, leading the implementation and directing the maintenance of robust security measures that are intended to protect the organization’s digital assets while ensuring the efficient operation of the Microsoft 365 and Azure platforms. This leadership position also provides input into the development of cybersecurity policies and procedures, seeks out and initiates relevant trainings for Employees, and addresses security breaches with Employees.

Successful candidates must have a Police Vulnerable Sector Check completed in the last six months. Interested applicants who reside in the City of London and are in need of a Police Vulnerable Sector Check (PVSC) are encouraged to apply for one as soon as possible as PVSCs in the City of London are currently taking approximately 2 weeks to be processed and offers of employment cannot be made without receipt of a PVSC.

Consider revitalizing your career and making a difference in your community by joining our team!

WHAT WE'RE OFFERING:

• What you'll be making - $40.56 - $45.51 per hour (Manager Grid).
  • The above are initial rates; with grid increases as per policy
  • Internal staff members will be placed on the appropriate grid based on their current rate of pay, up to Level 8 of the grid (see Intranet Policy - http://bit.ly/CompensationPolicyPg16)
• When you'll work - 70 hours over two-week period. Monday to Friday 8:30am-4:30pm
• What your benefits will be - After a 90-day waiting period, will be enrolled in health care benefits plan
• Your pension plan - Will be enrolled in the Healthcare of Ontario Pension Plan (HOOPP)  

HOW YOU WILL BE MAKING A DIFFERENCE:

Cybersecurity:

• Monitors and analyzes emerging cyber threats and trends, providing recommendations to mitigate risks.
• Develops and delivers briefings that identify issues, trends, implications, and recommendations.
• Develops a comprehensive cybersecurity strategy that aligns with organizational objectives and industry best practices.
• Conducts regular risk assessments, vulnerability scans, and penetration testing to identify potential threats and vulnerabilities.
• Leads the incident response process, including investigation, containment, eradication, and recovery from security breaches.
• Develops, implements and enforces security policies and procedures to ensure compliance with regulatory requirements (ie. PHIPA).
• Acts as a primary contact with vendors, as necessary, and make recommendations to the Director of Corporate Systems.
• Designs and delivers cybersecurity training programs for Employees to promote security awareness and best practices.

• Oversees the administration of Microsoft 365 services, including Exchange Online, SharePoint, Teams, OneDrive, and Intune.
• Designs, implements, and manages secure Azure environments, including virtual networks, VMS, identify management and storage solutions.
• Implements and manages Azure Active Directory (AAD), Multi-Factor Authentication (MFA), Conditional Access, and other identity and access management solutions.
• Implements and maintains data protection measures, including encryption, data loss prevention (DLP), and backup and recovery strategies in both Microsoft 365 and Azure environments.
• Develops automation scripts using PowerShell, Azure CLI, or other tools to streamline management tasks and improve efficiency.
• Establish monitoring and logging for Microsoft 365 and Azure environments, and conduct regular reports on system health, performance, and security incidents.

• Assigns day-to-day workload for team.
• Assigns projects for team members, as required.
• Liaises with Corporate Services or other departments / teams to identify issues and to initiate changes for improvement.
• Addresses behaviour of any CMHA TVAMHS Employee that may be contrary to the security policies and procedures.
• Provides feedback and completes regular supervisions and annual performance reviews for team members.

• Leads or participates in special projects as required.
• Acts as a resource to CEO, Directors, Managers, and Committees, as required.
• Other administrative requests / duties as required.

WHAT YOU'LL NEED TO APPLY:

Police Vulnerable Sector Check Requirements

Successful candidates must have a Police Vulnerable Sector Check completed in the last six months. Interested applicants who reside in the City of London and are in need of a Police Vulnerable Sector Check (PVSC) are encouraged to apply for one as soon as possible as PVSCs in the City of London are currently taking approximately 2 weeks to be processed and offers of employment cannot be made without receipt of a PVSC.

We require the following qualifications:

• Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field (primary proof of education will be required within one month of employment)
• Valid Ontario driver’s license and access to a vehicle
• Proof of current Police Vulnerable Sector Check
• Ability to attend work regularly

We prefer the following qualifications:

• Relevant certifications such as CISSP, CISSP, CISM, CCSP, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, or equivalent are preferred.
• 5 years of experience in cybersecurity, with a focus on cloud security
• 3 years of hands-on experience with Microsoft 365 and Azure administration
• Middle-level management experience motivating and directing a team of professionals
• In-depth knowledge of cybersecurity frameworks (e.g., NIST, CIS Controls)
• Proficiency in Microsoft 365 administration, including Exchange Online, SharePoint and Teams
• Strong experience with Azure security tools and services (e.g., Azure Security Center, Azure Sentinel, Azure Key Vault)
• Expertise in identity and access management using Azure AD, MFA and Conditional Access
• Strong scripting and automation skills with PowerShell or Azure CLI
• Experience with security information and event management (SIEM) tools
• Familiarity with network security, firewalls, VPNs and endpoint protection solutions

INTERNAL APPLICATIONS: To be considered as an internal applicant, current staff members are reminded to apply using their @cmhatv.ca or @slwar.ca email address.

Get your application in by – January 29, 2025:

Our recruitment process allows us to learn about your previous work experience, your qualifications and your commitment to fulfilling our vision. While we appreciate the interest of all applicants, only those individuals being considered for a position will be personally contacted by someone from the interview team. 

We welcome and encourage applications from all members of our community including persons of any gender, gender identity, gender expression, or sexual orientation, persons with disabilities, Indigenous persons, and members of visible minorities. If you require accommodations related to a disability at any point during the recruitment process, please contact [email protected]